cisco pix default netmask

Hi!

I have a question to which I couldn't find an answer by searching Google and the Cisco docs.

Let's say I insert the following command in the Cisco PIX CLI:

name 10.1.0.0 test-network

What is the default netmask given by PIX for this network, if any? Do I have to specify a netmask with a different command before using this object in an ACL, for example?

The PIX version is 6.3, if it matters.

Thanks!

Reply to
dima.kagan

There is no netmask with names. The name command substitutes the IP address with a name, regardless of the context the address is used in.

Reply to
Lutz Donnerhacke

It doesn't, you still need to specify it.

test-network 255.0.0.0 would be 10.X.X.X
test-network 255.255.0.0 would be 10.1.X.X
test-network 255.255.255.0 would be 10.1.0.X
test-network 255.255.255.255 would be host 10.1.0.0

Reply to
Brian V

Hi!

Thanks for the reply.

Yes, I understand this is like an alias. However, if I use test-network in an acl, like this:

access-list inside_access_in permit tcp test-network any eq ssh

How will the firewall interpret the 'test-network' object in this case:

  1. 10.1.0.0/16
  2. 10.1.0.0/24
  3. Some other way(?)

Lutz D> > name 10.1.0.0 test-network

Reply to
dima.kagan

Thanks!

I got it now. Tried to use it without netmask and got an error.

Dilemma solved!

Brian V wrote:

Reply to
dima.kagan

The response will be

Illegal command: access-list inside_access_in permit tcp 10.1.0.0 any eq ssh ^

If you want to do this right, please use:

name 10.1.0.0 test-network
name 255.255.255.248 slash-29
access-list inside_access permit tcp test-network slash-29 any eq ssh

Reply to
Lutz Donnerhacke
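
An added example, not code from the posters or from Cisco: a small Python check that expands `name` aliases as plain text substitution, as the replies describe, and reports the effective source network of each ACL line, flagging a source address that has no netmask. The ACL grammar is simplified to the form used in this thread, and the function names and error wording are hypothetical.

```python
import ipaddress

# Constructed sample built from the commands quoted in the thread.
SAMPLE = """\
name 10.1.0.0 test-network
name 255.255.255.248 slash-29
access-list inside_access_in permit tcp test-network any eq ssh
access-list inside_access permit tcp test-network slash-29 any eq ssh
access-list inside_access permit tcp test-network 255.255.0.0 any eq ssh
"""

def mask_to_prefix(token):
    """Prefix length of a contiguous dotted-quad netmask, or None if not a mask."""
    try:
        bits = format(int(ipaddress.IPv4Address(token)), "032b")
    except ValueError:
        return None
    return None if "01" in bits else bits.count("1")

def source_network(acl_line, names):
    """Expand aliases and return the ACL source network; ValueError if no mask."""
    tokens = [names.get(t, t) for t in acl_line.split()]
    # Simplified form (assumption): access-list <id> permit|deny <proto> <src> ...
    if len(tokens) < 5 or tokens[2] not in ("permit", "deny"):
        raise ValueError("unsupported access-list form")
    src = tokens[4:]
    if src[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if src[0] == "host" and len(src) > 1:
        return ipaddress.ip_network(src[1] + "/32")
    prefix = mask_to_prefix(src[1]) if len(src) > 1 else None
    if prefix is None:
        raise ValueError(f"source {src[0]} has no netmask")
    return ipaddress.ip_network(f"{src[0]}/{prefix}", strict=False)

def audit(config):
    """Return (acl_line, effective source or error) for each access-list line."""
    split = map(str.split, config.splitlines())
    names = {p[2]: p[1] for p in split if len(p) == 3 and p[0] == "name"}
    results = []
    for line in config.splitlines():
        if line.startswith("access-list "):
            try:
                results.append((line, str(source_network(line, names))))
            except ValueError as exc:
                results.append((line, f"ERROR: {exc}"))
    return results

if __name__ == "__main__":
    for line, verdict in audit(SAMPLE):
        print(f"{verdict:40} <- {line}")
```

Running such a check before a change is applied shows the scope each rule actually grants, which matters when the same alias is paired with different masks in different ACLs.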
