Blacklist netmask: ASA5510 botnet filter

Unanswered Question
Oct 23rd, 2009
User Badges:

I am testing IP blacklists through the botnet filter.


If I try to add:

62.5.128.0/17


to the blacklist - I get the error message 'The netmask is not valid'. Can anyone explain that? I mean, that is a valid netmask is it not?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Sun, 10/25/2009 - 09:54
User Badges:
  • Cisco Employee,

http://www.subnet-calculator.com/subnet.php?net_class=A


That is correct.

What command are you trying to add?


dynamic-filter blacklist


I just tried to add it and it worked:

5505(config)# sh run dynamic-filter

dynamic-filter blacklist

address 62.5.128.0 255.255.128.0


check command reference here:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/d2.html#wp1909142

congressgroup Mon, 10/26/2009 - 07:32
User Badges:

Perhaps it is a problem with the ASDM interface. I will try to connect directly and see if the command line is better.

Actions

This Discussion