EasyManuals Logo
Home>Cisco>Firewall>ASA 5512-X

Cisco ASA 5512-X Configuration Guide

Cisco ASA 5512-X
428 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #15 background imageLoading...
Page #15 background image
2-3
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 2 Objects for Access Control
Configure Objects
hostname(config-network-object)# host 10.2.2.2
Step 3 (Optional) Add a description.
hostname(config-network-object)# description string
Configure a Network Object Group
Network object groups can contain multiple network objects as well as inline networks or hosts. Network
object groups can include a mix of both IPv4 and IPv6 addresses.
However, you cannot use a mixed IPv4 and IPv6 object group for NAT, or object groups that include
FQDN objects.
Procedure
Step 1 Create or edit a network object group using the object name.
ciscoasa(config)# object-group network group_name
Example
hostname(config)# object-group network admin
Step 2 Add objects and addresses to the network object group using one or more of the following commands.
Use the no form of the command to remove an object.
• network-object host {IPv4_address | IPv6_address}—The IPv4 or IPv6 address of a single host.
For example, 10.1.1.1 or 2001:DB8::0DB8:800:200C:417A.
• network-object {IPv4_address IPv4_mask | IPv6_address/IPv6_prefix}—The address of a network
or host. For IPv4 subnets, include the mask after a space, for example, 10.0.0.0 255.0.0.0. For IPv6,
include the address and prefix as a single unit (no spaces), such as 2001:DB8:0:CD30::/60.
• network-object object object_name—The name of an existing network object.
• group-object object_group_name—The name of an existing network object group.
Example
hostname(config-network-object-group)# network-object 10.1.1.0 255.255.255.0
hostname(config-network-object-group)# network-object 2001:db8:0:cd30::/60
hostname(config-network-object-group)# network-object host 10.1.1.1
hostname(config-network-object-group)# network-object host 2001:DB8::0DB8:800:200C:417A
hostname(config-network-object-group)# network-object object existing-object-1
hostname(config-network-object-group)# group-object existing-network-object-group
Step 3 (Optional) Add a description.
hostname(config-network-object-group)# description string
Example
To create a network group that includes the IP addresses of three administrators, enter the following
commands:
hostname (config)# object-group network admins
hostname (config-protocol)# description Administrator Addresses

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
BrandCisco
ModelASA 5512-X
CategoryFirewall
LanguageEnglish

Related product manuals