
Hostname (with wildcards) based access-list or policy

ravinder.dahiya
Level 1

Is there any way in Cisco to use hostnames with wildcards, either in an ACL, policy, class map, etc.? For example, I want to identify the following devices with one keyword, for blocking/permitting, etc.

UKlondon001

UKlondon002

UKlondon003

Uklondon004

UKlondon005

I want to capture all of these with the wildcard UKlondon*

Something like regular expressions...

5 Replies

John Blakley
VIP Alumni

You can group them in object-groups. You'll need to configure their names and then create an object group:

name 10.5.5.5 uklondon001

name 10.5.5.6 uklondon002

object-group network UKLONDONS

network-object host uklondon001

network-object host uklondon002

! ACL_NAME is a placeholder for your own access-list name

access-list ACL_NAME extended permit tcp any object-group UKLONDONS eq 80

The above (from memory so don't quote me) will allow any traffic to hit any of those servers on port 80.

If you're wanting to do this for certain websites like youtube.com or google.com, you'll need to use regex and class-maps.

HTH,

John

HTH, John *** Please rate all useful posts ***
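An added example, not part of the original posts: because the ACL itself cannot match a hostname pattern, the wildcard can be expanded offline against a hostname-to-address inventory and emitted as the name/object-group lines used in the reply above. The inventory contents and the function names are constructed for illustration.

```python
import fnmatch
import ipaddress

# Constructed inventory (hostname -> IPv4 address); in practice this would
# come from DNS, IPAM or a CMDB export.
INVENTORY = {
    "UKlondon001": "10.5.5.5",
    "UKlondon002": "10.5.5.6",
    "Uklondon004": "10.5.5.8",
    "UKleeds001": "10.6.1.10",
    "UKlondon-bad": "10.5.5.999",   # invalid address, must be rejected
}


def expand_pattern(pattern, inventory):
    """Return sorted (name, ip) pairs whose hostname matches the wildcard.

    Matching is case-insensitive because the hostnames in the question mix
    'UKlondon' and 'Uklondon'. Entries with an invalid address are skipped
    so a bad inventory row cannot end up in the generated policy.
    """
    matches = []
    for host, addr in inventory.items():
        if not fnmatch.fnmatchcase(host.lower(), pattern.lower()):
            continue
        try:
            ip = ipaddress.IPv4Address(addr)
        except ipaddress.AddressValueError:
            continue
        matches.append((host.lower(), str(ip)))
    return sorted(matches)


def render_object_group(group, pattern, inventory):
    """Emit name/object-group lines in the style used in the reply above."""
    hosts = expand_pattern(pattern, inventory)
    if not hosts:
        # Refuse to emit an empty group rather than push a policy with no members.
        raise ValueError(f"no valid hosts match {pattern!r}")
    lines = [f"name {ip} {name}" for name, ip in hosts]
    lines.append(f"object-group network {group}")
    lines += [f" network-object host {name}" for name, _ in hosts]
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_object_group("UKLONDONS", "UKlondon*", INVENTORY))
```

Regenerating and diffing the output whenever the inventory changes keeps the group in step with the naming convention, which a static object-group does not do on its own.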

Thanks for the reply.

1. In fact, I am looking for a solution on routers.

2. Still, I am not able to see wildcards.

No, you won't be able to use wildcards or regex in an ACL.

HTH, John *** Please rate all useful posts ***

You can do this however:

http://www.handbook.dk/block-domains-on-a-cisco-asa-152.htm

HTH,

John

HTH, John *** Please rate all useful posts ***

Thanks...

In fact, I am looking for a solution on a router.
