EasyManuals Logo
Home>Cisco>Network Hardware>ASA Series

Cisco ASA Series Configuration Guide

Cisco ASA Series
428 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #15 background imageLoading...
Page #15 background image
2-3
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 2 Objects for Access Control
Configure Objects
hostname(config-network-object)# host 10.2.2.2
Step 3 (Optional) Add a description.
hostname(config-network-object)# description string
Configure a Network Object Group
Network object groups can contain multiple network objects as well as inline networks or hosts. Network
object groups can include a mix of both IPv4 and IPv6 addresses.
However, you cannot use a mixed IPv4 and IPv6 object group for NAT, or object groups that include
FQDN objects.
Procedure
Step 1 Create or edit a network object group using the object name.
ciscoasa(config)# object-group network group_name
Example
hostname(config)# object-group network admin
Step 2 Add objects and addresses to the network object group using one or more of the following commands.
Use the no form of the command to remove an object.
• network-object host {IPv4_address | IPv6_address}—The IPv4 or IPv6 address of a single host.
For example, 10.1.1.1 or 2001:DB8::0DB8:800:200C:417A.
• network-object {IPv4_address IPv4_mask | IPv6_address/IPv6_prefix}—The address of a network
or host. For IPv4 subnets, include the mask after a space, for example, 10.0.0.0 255.0.0.0. For IPv6,
include the address and prefix as a single unit (no spaces), such as 2001:DB8:0:CD30::/60.
• network-object object object_name—The name of an existing network object.
• group-object object_group_name—The name of an existing network object group.
Example
hostname(config-network-object-group)# network-object 10.1.1.0 255.255.255.0
hostname(config-network-object-group)# network-object 2001:db8:0:cd30::/60
hostname(config-network-object-group)# network-object host 10.1.1.1
hostname(config-network-object-group)# network-object host 2001:DB8::0DB8:800:200C:417A
hostname(config-network-object-group)# network-object object existing-object-1
hostname(config-network-object-group)# group-object existing-network-object-group
Step 3 (Optional) Add a description.
hostname(config-network-object-group)# description string
Example
To create a network group that includes the IP addresses of three administrators, enter the following
commands:
hostname (config)# object-group network admins
hostname (config-protocol)# description Administrator Addresses

Table of Contents

Other manuals for Cisco ASA Series

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Mount And Connect
Mount And Connect12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
BrandCisco
ModelASA Series
CategoryNetwork Hardware
LanguageEnglish

Related product manuals