Re: Editing hosts into an already configured object-group on ASA
You should be able to add the new Host to the object-group. If you are trying to be more specific with the object-group than yes you should remove the other full subnet object from the object-group, however be aware that when you are changing the object-group those changes will affect all rules "ACL" "NAT" "Xlates" as well if they are using the same object-group with those statements.
Object-groups can be a great tool, or a nightmare. Ensure that your naming conventions clearly give reason for the object-groups to alleviate problems.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...