robertson.michael Sun, 08/31/2008 - 10:29
User Badges:
  • Silver, 250 points or more

Hi Celso,

If you simply want to refer to hostnames within your configuration rather than IP addresses, you can use the 'name' command. So, your configuration could look something like this (taken from the ASA command reference):

hostname(config)# names

hostname(config)# name sa_inside

hostname(config)# name sa_outside

hostname(config-if)# ip address inside sa_inside

hostname(config-if)# ip address outside sa_outside

Also, here is a link to that command reference:

Hope that helps.


cfajardo1_2 Sun, 08/31/2008 - 22:46
User Badges:

thx but what am asking is if theres a way to add a dns ip and the asa will do a lookup there for name resolution rather than doing all this harcoded names on asa?

ariesc_33 Mon, 09/01/2008 - 19:51
User Badges:

i had to create hundreds of names and groups manually on the firewall to simplify my configuration.

this is a good question, hope someone can clarify this.

robertson.michael Tue, 09/02/2008 - 08:24
User Badges:
  • Silver, 250 points or more

Unfortunately, this is not possible. You must use either an IP address or a name (configured with the 'name' command mentioned above) in the firewall's configuration. You can also use object-groups to condense ACLs, but again this all must be manually entered at least once into the firewall's configuration.


cfajardo1_2 Sun, 09/07/2008 - 09:09
User Badges:

so it seems it is not possible at all...thx a lot gents


