04-03-2009 08:30 AM - edited 02-20-2020 09:41 PM
Is there any way in Cisco to use hostnames with wildcards, either in an ACL, policy, class map, etc.? For example, I want to identify the following devices with one keyword, for blocking/permitting, etc.
UKlondon001
UKlondon002
UKlondon003
Uklondon004
UKlondon005
I want to capture all these with wildcard UKlondon*
something like regular expressions...
04-03-2009 08:38 AM
You can group them in object-groups. You'll need to configure their names and then create an object group:
name 10.5.5.5 uklondon001
name 10.5.5.6 uklondon002
object-group network UKLONDONS
 network-object host uklondon001
 network-object host uklondon002
! ACL_NAME is a placeholder for your access-list name
access-list ACL_NAME permit tcp any object-group UKLONDONS eq 80
The above (from memory so don't quote me) will allow any traffic to hit any of those servers on port 80.
If you're wanting to do this for certain websites like youtube.com or google.com, you'll need to use regex and class-maps.
HTH,
John
04-03-2009 08:41 AM
Thanks for the reply!
1. In fact, I am looking for a solution on routers.
2. Still, I am not able to see wildcards.
04-03-2009 08:43 AM
No, you won't be able to use wildcards or regex in an ACL.
04-03-2009 08:45 AM
You can do this however:
http://www.handbook.dk/block-domains-on-a-cisco-asa-152.htm
HTH,
John
04-03-2009 09:28 AM
Thanks...
In fact, I am looking for a solution on a router.