Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

How to represent all public IPs in a PIX/ASA/FWSM config

I have a question about creating a rulebase for my FWSMs. We have certain subnets behind a FWSM interface that need to have outbound http access restricted so that they can reach public IPs, but not most of the private ranges.

I come from a Checkpoint background where you did this by putting all your internal nets in a group and then 'negating' that group in the policy to represent public or 'non-internal' nets. Can I do this in ASDM or CSM without having to list all the public IP ranges?

Any ideas or suggestions?

Thanks!

1 REPLY
Bronze

Re: How to represent all public IPs in a PIX/ASA/FWSM config

Hi,

You might try this document to see if it's what your looking for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml

HTH

115
Views
0
Helpful
1
Replies
CreatePlease to create content