Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5510 blacklist not working.

I have a ASA 5510. I'm trying to set up a blacklist. I have added this for the inbound access-list (access-group outbound in interface inside), but it is not working. Any ideas?

object-group network BLACKLIST
 network-object host xx.xx.xx.xx
 

access-list inside extended deny ip object-group BLACKLIST any

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

From what you have said, your

From what you have said, your access group statement seems to be referencing an ACL called outbound, but your ACL is called inside.

3 REPLIES
Bronze

From what you have said, your

From what you have said, your access group statement seems to be referencing an ACL called outbound, but your ACL is called inside.

Community Member

Thanks for the reply. I didn

Thanks for the reply. I didn't do the configuration, and the naming is horrible. And my CLI skills are a little rusty. I changed the ACL, and it seems to be working. Thanks for taking a look.

Bronze

Glad it is working for you

Glad it is working for you now.

When something needs to be named, whether it is an ACL, Route Map, Class Map etc.. I tend to always reference an abbreviation in my name, e.g RM for route-map, CM for class-map

ip access-list extended ACL_DF

route-map RM_DF permit 10
match ip address ACL_DF

I think a lot of others will most likely follow the same, or similar.

32
Views
0
Helpful
3
Replies
CreatePlease to create content