Blacklist netmask: ASA5510 botnet filter

Unanswered Question
Oct 23rd, 2009

I am testing IP blacklists through the botnet filter.

If I try to add:

62.5.128.0/17

to the blacklist - I get the error message 'The netmask is not valid'. Can anyone explain that? I mean, that is a valid netmask is it not?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Sun, 10/25/2009 - 09:54

http://www.subnet-calculator.com/subnet.php?net_class=A

That is correct.

What command are you trying to add?

dynamic-filter blacklist

I just tried to add it and it worked:

5505(config)# sh run dynamic-filter

dynamic-filter blacklist

address 62.5.128.0 255.255.128.0

check command reference here:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/d2.html#wp1909142

congressgroup Mon, 10/26/2009 - 07:32

Perhaps it is a problem with the ASDM interface. I will try to connect directly and see if the command line is better.

Actions

This Discussion