[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Adding addresses to an existing Tunnel Cisco ASA

Posted on 2015-01-27
4
Medium Priority
?
219 Views
Last Modified: 2015-01-27
I working on a Cisco 5500 ASA via ADSM  I have a tunnel set up with a network subnet and mask.  I need to add some address to this. I think if I go into the Edit Network Object Group I can do this.  However I have 3 address that are not in sequences and another 5 addresses that are in sequence.
so for example I have 11.12.13.41, 11.12.13.166 and 11.12.13.192 on the same subnet, is there a way to add all three in under the same name  and subnet mask?
Then I have an additional 5 IP's with 12.13.14.130, 131.132.133.134 same subnet and I would like to do the same thing.
Or do I need to add these one at a time?
0
Comment
Question by:WellingtonIS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 29

Accepted Solution

by:
Jan Springer earned 2000 total points
ID: 40573223
To begin with, your access-list that's applied to your crypto map needs to be an exact inverse match of the other end.

For security, only allow those hosts to inter-communicate.  You only aggregate when any traffic between hosts in the subnet is interesting and should go across the tunnel.

The whole point of the object group  is that you have a single place to put hosts or subnets so it's not a big to deal to add a host at a time.
0
 

Author Comment

by:WellingtonIS
ID: 40573248
So I need to add these one at a time? correct?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40573327
you can add them both but to both ends at roughly the same time.  otherwise, you'll have a mis-match in your policy and the tunnel will drop.
0
 

Author Closing Comment

by:WellingtonIS
ID: 40573363
Thanks!  That's what I did.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question