you have the "ip host" command on IOS devices which can statically map your hostname to an ip address. but the acl statements might not accept hostnames as the source or destination entries.
You can think implementing object-groups on routers and firewalls to achieve this (depends on the ios code you are running). With object groups, you can bundle IP addresses with a object-name and reference that on the access-list.. doing this, you dont need to change the acl entries everytime you change IP addresses, and you can just modify the object-group entries defined on the device.
Router# configure terminal
Router(config)# object-group network abc
Router(config-network-group)# host 18.104.22.168
Router(config-network-group)# host 22.214.171.124
Refer to CCO on the object-groups and you will find the exact configuration details. Hope this helps.. All the best...
Mike is right. My bad. I missed the hostname parameter on the command line.. You can hence use the "ip host" command locally, or use DNS as Mike suggested. Object groups can be used, if the IOS supports it.
In my version of IOS 12.2(33)SXH4, one can input hostnames during the ACL configuration, but it immediately resolves those hostnames to IPs and inserts those into the output of "show run". In other words, the hostnames are not preserved, which if I interpret the original post correctly, was the goal (IPs can dynamically change but are tied to permanent DNS records and thus ACLs not be changed).
Pertaining to this behavior, does IOS behave differently on different versions? Am wondering if T-train would preserve the hostnames in ACL lines?
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...