Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA 8.3/ASDM6.34 - How to filter the addresses object list by IP address?

Hi,

We have a firewall policy with a *lot* of address objects which has been migrated from another (non-cisco) firewall platform.

Many of our firewall administrators are familiar with the pre-ASA 8.3 ASDM functionality which allowed you to search for addresses in ASDM (in the addresses tab to the right of the policy) by IP address. With the latest version of ASA and ASDM where we now create objects for addresses, ranges, networks etc rather than using the old "name" method - it doesn't seem possible to filter the addresses window by IP address - only the network name.

So if I want to find the object name for an IP address e.g. 10.1.1.1 it doesn't seem that you can do this in the GUI.

The only way that I have found to find the information is via the CLI, by typing "sh run object in-line | inc <ip address>" which of course can be done via the Command Line tool in ASDM but it seems like a bit of a cludge and non-user friendly to have to do this.

Does anyone know whether this should be possible in the filter field or whether there is another way of accomplishing the same task in the GUI?

Thanks

Paul

  • Firewalling
Everyone's tags (2)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ASA 8.3/ASDM6.34 - How to filter the addresses object list b

Hi Paul,

This should work for you, but there is a bug that prevents you from filtering on IP address in ASDM 6.3 with ASA 8.3:

CSCtg99616 - Network object lookup by IP address does not work

The bug will be fixed in the next ASDM release. Until then, filtering by name or using the CLI is the way to go. If you have an active support contract, you can open up a TAC case and ask for an engineering build of ASDM where this bug is fixed.

Hope that helps.

-Mike

2 REPLIES
Cisco Employee

Re: ASA 8.3/ASDM6.34 - How to filter the addresses object list b

Hi Paul,

This should work for you, but there is a bug that prevents you from filtering on IP address in ASDM 6.3 with ASA 8.3:

CSCtg99616 - Network object lookup by IP address does not work

The bug will be fixed in the next ASDM release. Until then, filtering by name or using the CLI is the way to go. If you have an active support contract, you can open up a TAC case and ask for an engineering build of ASDM where this bug is fixed.

Hope that helps.

-Mike

New Member

Re: ASA 8.3/ASDM6.34 - How to filter the addresses object list b

Thanks Mike

Glad to hear it will be fixed - I'll keep an eye out for the next release.

Regards.

Paul

445
Views
0
Helpful
2
Replies
This widget could not be displayed.