I was attempting to add a PAT (port address translation) rule for https (TCP 443) on a customer's Cisco ASA. The rule kept getting rejected with the error that it could not be created. After trying a few times, I figured out the ASA was rejecting the rule because ASDM (Adaptive Security Device Manager) access, which uses https had been enabled on the outside interface. I changed the port number for ASDM and I was then able to create the PAT rule.