Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
634
Views
0
Helpful
1
Replies

ASA can I define a range of IP addresses?

goldnetps
Level 1
Level 1

‎07-28-2009 11:25 AM - edited ‎03-10-2019 04:36 PM

Can I define a range of IPs in an access list?

I know it was not possible in the old versions, I could only define something that could fit in a network/mask pair.

Like, 192.168.40.0 255.255.255.0

But what if I want to define from 192.168.40.23 to 192.168.40.80?

Thanks.

Labels:
0 Helpful
1 Reply 1

Collin Clark
VIP Alumni
VIP Alumni

‎07-28-2009 12:38 PM

You can VLSM at the proper boundaries

192.168.40.96 255.255.255.224 which would include hosts .97-.126. If the hosts don't fit in a neat VLSM, you can create an object group and enter them in there. Let's say you want .97-.100.

object-group network CERTAIN_HOSTS

network-object host 192.168.40.97

network-object host 192.168.40.98

network-object host 192.168.40.99

network-object host 192.168.40.100

You can also add VLSM networks in the object group above.

Hope that helps.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents