• cabling news
  Newsletter Industry News Our Site News
• help
  Home Cabling Guide Cabling FAQ Free Helpdesk Forums Learn Cabling
• resources
  Color Codes Pin Layouts Links E-books Bookstore Online Tools Downloads
• this site
  Home Page Contact us Advertise Here Link to us
• this page
  Bookmark It! Print
• +

Cisco Systems PIX object-groups automatically created named "_ref" ?

Bookmark this page:   Yahoo!   Google   Windows Live   del.icio.us   digg   Netscape

Subject Author Date PIX object-groups automatically created named "_ref" ? thefunnel@aol.com 10-15-07  Re: PIX object-groups automatically created named ... Walter Roberson 10-16-07

Posted by thefunnel@aol.com on October 15, 2007, 10:05 am Please log in for more thread options Hi, After upgrading our PIX 525 from version 6 to 8 I noticed the access- lists and object-group command behaviour has changed - it no longer automatically creates "reference" access-groups ending with "_ref" Previously I created inbound access-lists (via PDM) referencing the inside server names and the PIX automatically created a "reference" access-lists/object-groups that matched the outside NAT'ed addresses. For example: Name 192.168.10.10 SERVER1 (inside name) object-group network INSIDE-SERVER (object -group with inside name) network-object SERVER1 255.255.255.255 object-group network INSIDE-SERVER_ref (automatically created object group matching outside NAT) network-object 10.10.10.10 255.255.255.255 access-list outside_access_in permit tcp any object-group INSIDE_SERVER_ref eq http (access-list using the _ref" version) For some reason version 8 does not do this? Any suggestions would be appreciated. Paul

Posted by Walter Roberson on October 16, 2007, 8:47 pm Please log in for more thread options >After upgrading our PIX 525 from version 6 to 8 I noticed the access- >lists and object-group command behaviour has changed - it no longer >automatically creates "reference" access-groups ending with "_ref" >Previously I created inbound access-lists (via PDM) referencing the >inside server names and the PIX automatically created a "reference" >access-lists/object-groups that matched the outside NAT'ed addresses. No, the PIX never did that. However, PDM might have created those for you.

Similar Threads	Posted
PIX object-groups automatically created named "_ref" ?	October 15, 2007, 10:05 am
tip: ACL's created in CLI editable with SDM	August 3, 2005, 5:19 pm
SA created on Cisco PIX, but no traffic possible	December 1, 2005, 3:14 pm
no named access-liosts on router 836!?	February 15, 2005, 12:17 am
Why me? - named ACLs in NAT statement might work ...	June 12, 2007, 9:58 am
I have an issue after I created my multilink configuration	October 24, 2007, 4:11 pm
How is "pri" calculated automatically by GLBP ?	July 1, 2008, 1:23 am
Automatically enabling SSH server on a router.	December 13, 2005, 6:17 pm
PCM352 not reauthenticating LEAP automatically	April 2, 2006, 3:44 pm
Saving log/config files automatically on MDS/switches	October 3, 2006, 2:44 pm
Setting up Cisco VPN client to automatically connect	December 8, 2006, 9:15 am
Is it possible to automatically shape traffic after quota has been reached?	February 26, 2007, 9:28 am
Input the username&password Automatically on the 802.1x client	September 8, 2008, 11:07 pm
PIX 501 Version 6.2(2) not clearing local-host table automatically	December 9, 2007, 3:55 am
Cat 6509 automatically put VLAN state into "suspended" and killed my network...why?	January 23, 2007, 6:04 pm

Contact Us | Privacy Policy