Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5520 object alias

Hi There, what is the CLI command  to create and alas for an object. for example if I have a server with an IP address 10.1.46.2 255.255.255.0 I would like to create an object aliase so I can use it in the NAT and ACL rules instead of typing the IP all the time.

Also if I have a group of servers how can create a group and add individual server with different Ips to this group.

if not the commands , a clue in the right direction for this would be great

Many Thanks

1 REPLY
New Member

Re: ASA5520 object alias

Hi,

use object-group to create objects,

And to group them use

object-group

     )#group-object

e.g. i am having to web servers, so i will create

     object-group network WEB_SRV_1

          )# network-object host 10.10.10.10

          )#exit

     object-group network WEB_SRV_2

          )# network-object host 10.10.10.11

          )#exit

     object-group network WEB_SRV_GRP

          )# group-object WEB_SRV_1

          )# group-object WEB_SRV_2

         )#exit

In this way if i have to apply any rule particular for webservers then i can use WEB_SRV_1 or _2

If i have to apply rule to all web servers than i can use WEB_SRV_GRP.

You can easily add webservers to group. Instead of network as type of object you can use service, then you can mention serrvices like tcp ,UDP port number etc

Cheers

326
Views
0
Helpful
1
Replies
CreatePlease login to create content