Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
227
Views
0
Helpful
1
Replies

How to represent all public IPs in a PIX/ASA/FWSM config

georgeburtz
Level 1
Level 1

‎04-13-2009 08:58 AM - edited ‎03-11-2019 08:17 AM

I have a question about creating a rulebase for my FWSMs. We have certain subnets behind a FWSM interface that need to have outbound http access restricted so that they can reach public IPs, but not most of the private ranges.

I come from a Checkpoint background where you did this by putting all your internal nets in a group and then 'negating' that group in the policy to represent public or 'non-internal' nets. Can I do this in ASDM or CSM without having to list all the public IP ranges?

Any ideas or suggestions?

Thanks!

Labels:
0 Helpful
1 Reply 1

mike-greene
Level 4
Level 4

‎04-13-2009 12:47 PM

Hi,

You might try this document to see if it's what your looking for.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card