Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
dan
Community Member

ASA 5520: Adding network objects via CLI

Hi (again),

I'm working with ASA 5520s. I am trying to figure out how to add network objects via CLI. I know I could easily do it using ASDM, but I like to learn the hardway first.

Question: How do I add the subnet mask for a network object when creating via CLI?

Here's how I'm creating the obejcts:

config t

object-group network telnet-users-group

description users allowed telnet access outbound

network-object host 172.16.25.50

network-object hosts 172.16.25.51

That sets up the hosts with IP addresses, but how do I add the subnet mask?

Thanks,

Dan

1 ACCEPTED SOLUTION

Accepted Solutions
Red

ASA 5520: Adding network objects via CLI

Hi Dan,

You do not need to it for a single host, the firewall takes it to be 255.255.255.255, but if you are adding a network or subnet then you can, for it you can add:

object network test

  subnet 20.0.0.0 255.0.0.0

object network test1

  subnet 10.0.0.0 255.0.0.0

object-group network test-group

network-object object test

network-object object test1

Hope that helps.

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
2 REPLIES
Red

ASA 5520: Adding network objects via CLI

Hi Dan,

You do not need to it for a single host, the firewall takes it to be 255.255.255.255, but if you are adding a network or subnet then you can, for it you can add:

object network test

  subnet 20.0.0.0 255.0.0.0

object network test1

  subnet 10.0.0.0 255.0.0.0

object-group network test-group

network-object object test

network-object object test1

Hope that helps.

Thanks,

Varun

Thanks, Varun Rao Security Team, Cisco TAC
dan
Community Member

ASA 5520: Adding network objects via CLI

After looking at how the ASDM GUI created hosts I sort of figured that was the case.

Thanks.

Dan

4453
Views
0
Helpful
2
Replies
CreatePlease to create content