Solved: Access Rule for IP Range

Mitchell Theriot · ‎03-17-2011

Hello,

I have been asked to give access to one of our internal servers from a range of IPs within a larger subnet. It is 30 ip's within a subnet of 510 addresses. Is there a way to do just a range for the access rule source instead of creating a single object for all 30 ip's and then putting them into a network object group? I really do not want to create a network object for the whole subnet being that it contains ip addresses that do not require access. Any help would be greatly appreciated. Thanks.

PAUL GILBERT ARIAS · ‎03-17-2011

you might be able to use a subnet mask that includes most of the IPs and for the remaining you can add single acls. There is no way to create an acl with a pool of IPs. As you know you can use object-group or get creative with subnetting.

I hope this helps.

View solution in original post

PAUL GILBERT ARIAS · ‎03-17-2011

you might be able to use a subnet mask that includes most of the IPs and for the remaining you can add single acls. There is no way to create an acl with a pool of IPs. As you know you can use object-group or get creative with subnetting.

I hope this helps.

Mitchell Theriot · ‎03-17-2011

That is what I am afraid I will have to do. Narrow the range down as best I can through subnetting then add the rest

as individual acl's. Thanks!

PAUL GILBERT ARIAS · ‎03-17-2011

no problem. If possible please mark the question as answered.