asked on
network objects on ios
Hello,
I have a question: Are there such a thing as network objects for IOS?
I work with Cisco ASAs, Routers, and switches on a regular basis. I have found the network objects (and associated groups) very helpful in the ASA. They allow me to define ports and ip addresses (ranges, etc) as object and reference those objects in access lists and nat commands.
We use Cisco 3560s with the ip routing enabled. We use access lists as part of this. We find it fairly cumbersome to go through and list out all the IP addresses and ports. It would be very helpful if we could list out the objects, like we do on the ASA.
Thanks,
Ben
I have a question: Are there such a thing as network objects for IOS?
I work with Cisco ASAs, Routers, and switches on a regular basis. I have found the network objects (and associated groups) very helpful in the ASA. They allow me to define ports and ip addresses (ranges, etc) as object and reference those objects in access lists and nat commands.
We use Cisco 3560s with the ip routing enabled. We use access lists as part of this. We find it fairly cumbersome to go through and list out all the IP addresses and ports. It would be very helpful if we could list out the objects, like we do on the ASA.
Thanks,
Ben
Switches / HubsRoutersNetworking
Last Comment
osalqu
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
I have not had much to do with ASA...yet... but you could use extended access list. you will still have to type out the ip addresses and ports, etc. but once you are done it is bound to the name that you give the extended access list and can use that name to refer to all "objects" configured under that name.
what i meant about the ASA is that I am not familiar with the object concept you are referring to with ASA.
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
@MAG03
Yes, the benefit of the object groups is that you can for example place all the ports you want a network to access into an object group, then with one acl entrie refer to the object group instead of each port. Saves a lot of time and clutter.
Yes, the benefit of the object groups is that you can for example place all the ports you want a network to access into an object group, then with one acl entrie refer to the object group instead of each port. Saves a lot of time and clutter.
support for object groups started on 12.4(20)T ios router code only...no switches