https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717351#M534486 <HTML><HEAD></HEAD><BODY><P>It's not possible unfortunately. If this is an address that resolves to an internet hostname, you'll need to run nslookup on that hostname to get the addresses. You can then create an object-group for ease of management. (It *might* work on the new IOS version, but I'm running 8.0x and it doesn't work.)</P><P></P><P>Example:</P><P></P><P>Hostname: bing.com</P><P></P><P>nslookup bing.com</P><P>1.1.1.1</P><P>2.2.2.2</P><P></P><P>object-group network bing.com</P><P>network host 1.1.1.1</P><P>network host 2.2.2.2</P><P></P><P>access-list INSIDE permit ip any object-group bing.com</P><P></P><P>That's the only way that I know you'd be able to do it.</P><P></P><P>The firewall will translate addresses from the CLI, but it won't do it for your hosts.</P><P></P><P>HTH,</P><P>John</P></BODY></HTML> Mon, 01 Aug 2011 15:56:23 GMT John Blakley 2011-08-01T15:56:23Z https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717350#M534485 <P>Hi all,</P><P>I have an ASA 5540 and I'd like to create a rule using a specific host name as source of the traffic, not an ip address.</P><P></P><P>Is that possible?</P><P></P><P>My firewall already resolves names to IP address so I can ping all my internal hosts by name</P><P></P><P>Thanks</P><P></P><P>Tauer</P> Mon, 11 Mar 2019 21:06:31 GMT https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717350#M534485 Tauer Drumond 2019-03-11T21:06:31Z https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717351#M534486 <HTML><HEAD></HEAD><BODY><P>It's not possible unfortunately. If this is an address that resolves to an internet hostname, you'll need to run nslookup on that hostname to get the addresses. You can then create an object-group for ease of management. (It *might* work on the new IOS version, but I'm running 8.0x and it doesn't work.)</P><P></P><P>Example:</P><P></P><P>Hostname: bing.com</P><P></P><P>nslookup bing.com</P><P>1.1.1.1</P><P>2.2.2.2</P><P></P><P>object-group network bing.com</P><P>network host 1.1.1.1</P><P>network host 2.2.2.2</P><P></P><P>access-list INSIDE permit ip any object-group bing.com</P><P></P><P>That's the only way that I know you'd be able to do it.</P><P></P><P>The firewall will translate addresses from the CLI, but it won't do it for your hosts.</P><P></P><P>HTH,</P><P>John</P></BODY></HTML> Mon, 01 Aug 2011 15:56:23 GMT https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717351#M534486 John Blakley 2011-08-01T15:56:23Z https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717352#M534487 <HTML><HEAD></HEAD><BODY><P> Hi John,</P><P>thank you so much!</P></BODY></HTML> Mon, 01 Aug 2011 16:12:27 GMT https://community.cisco.com/t5/network-security/access-list-hostname-as-source/m-p/1717352#M534487 Tauer Drumond 2011-08-01T16:12:27Z