Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
748
Views
0
Helpful
2
Replies

ASA 8.3/ASDM6.34 - How to filter the addresses object list by IP address?

Go to solution
Paul Cummings
Level 1
Level 1

‎11-17-2010 07:50 AM - edited ‎03-11-2019 12:10 PM

Hi,

We have a firewall policy with a *lot* of address objects which has been migrated from another (non-cisco) firewall platform.

Many of our firewall administrators are familiar with the pre-ASA 8.3 ASDM functionality which allowed you to search for addresses in ASDM (in the addresses tab to the right of the policy) by IP address. With the latest version of ASA and ASDM where we now create objects for addresses, ranges, networks etc rather than using the old "name" method - it doesn't seem possible to filter the addresses window by IP address - only the network name.

So if I want to find the object name for an IP address e.g. 10.1.1.1 it doesn't seem that you can do this in the GUI.

The only way that I have found to find the information is via the CLI, by typing "sh run object in-line | inc <ip address>" which of course can be done via the Command Line tool in ASDM but it seems like a bit of a cludge and non-user friendly to have to do this.

Does anyone know whether this should be possible in the filter field or whether there is another way of accomplishing the same task in the GUI?

Thanks

Paul

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mirober2
Cisco Employee
Cisco Employee

‎11-17-2010 09:03 AM

Hi Paul,

This should work for you, but there is a bug that prevents you from filtering on IP address in ASDM 6.3 with ASA 8.3:

CSCtg99616 - Network object lookup by IP address does not work

The bug will be fixed in the next ASDM release. Until then, filtering by name or using the CLI is the way to go. If you have an active support contract, you can open up a TAC case and ask for an engineering build of ASDM where this bug is fixed.

Hope that helps.

-Mike

View solution in original post

0 Helpful
2 Replies 2

Go to solution
mirober2
Cisco Employee
Cisco Employee

‎11-17-2010 09:03 AM

Hi Paul,

This should work for you, but there is a bug that prevents you from filtering on IP address in ASDM 6.3 with ASA 8.3:

CSCtg99616 - Network object lookup by IP address does not work

The bug will be fixed in the next ASDM release. Until then, filtering by name or using the CLI is the way to go. If you have an active support contract, you can open up a TAC case and ask for an engineering build of ASDM where this bug is fixed.

Hope that helps.

-Mike

0 Helpful

Go to solution
Paul Cummings
Level 1
Level 1
In response to mirober2

‎11-17-2010 09:08 AM

Thanks Mike

Glad to hear it will be fixed - I'll keep an eye out for the next release.

Regards.

Paul

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card