ACS 5.5 Command Set Regular Expression

2emoran
Level 1

I use command sets quite a bit to permit/deny specific commands for different admin groups.  I want to create a new command set to block certain subnets from being used on the network at all.  I thought regular expressions would be good here, but I cannot get these to work at all.

 

As an example, if I deny the command "*" and argument "ip host 172.16.", I cannot create an ACL line to permit ip host 172.16.1.1 or deny ip host 172.16.1.1.

 

How do I make this work so that no matter what precedes or follows the IP, the command is denied so that I can deny "ip address 172.16.1.1", "ip host 172.1.1", "ip 172.16.1.1", "server 172.16.1.1", etc.?

1 Reply

edwardcollins7
Level 1

Hey,

The "*" will not work.

You need to first jot down the list of commands that allow an IP address as an argument.

Then use them and add the respective arguments in deny.

 

Regards

Ed