ASDM - object-group network DM_INLINE_NETWORK_1

Unanswered Question
Nov 21st, 2008
User Badges:

Recent versions of ASDM create

"object-group network DM_INLINE_NETWORK_1"

statements automagically.


I could not find any documentation about this.


Can anybody explain what the purpose of this approach is?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vwalsh Fri, 11/21/2008 - 14:29
User Badges:

if you search your config - you should see that it is a grouping of objects. The system creates them for you if you put more than 1 object on a rule.

For example, if your rule is src1 to dest1&2 port xx

Then you will have an object group network dm_inline_network_1 with dest1&2 in it.

if you do another rule the same way with different destinations - it will make another one for you - dm_inline_network_2 & so on.

Farrukh Haroon Sat, 11/22/2008 - 04:49
User Badges:
  • Red, 2250 points or more

It is meant to simply your configurations.


Regards


Farrukh

I like using the ASDM but it would be good if you could disable this feature. From experecne I have found that auditors love vague non descriptive commands in firewalls such as (DM_INLINE_NETWORK) This "feature" has forced me to abandon using the ASDM to configure our firewalls.


Message was edited by: Christopher Smith

Actions

This Discussion