Solved: ASA5510 Object Groups

sgoethals1 · ‎07-21-2011

Hi Folks,

I have an ASA5510 where I have defined object-groups and then associated them with a specific ACL. Our ISP is pulling their point of presence from where I live and I am force to move to a new ISP. I am in the process of setting up another interface for the ASA5510 to connect to the new ISP.

My questions is can I create a new ACL lets call it new_access_in and use it with the same object groups that I have already defined? I know that I can only have one ACL bound to an interface, and will bind this new ACL to the new interface I am setting up, but I wasn't sure if I could use the same object groups and connect them to a different ACL. I really don't want to have to create new object groups if I don't have to.

Any help would be appreciated.

Thanks,

Scott

Anu M Chacko · ‎07-21-2011

Hi Scott,

Yes, you can call the same object-groups in the access-list, as long as there's only 1 access-list applied on that interface in one direction.

Hope this helps!

Regards,

Anu

View solution in original post

Anu M Chacko · ‎07-21-2011

Hi Scott,

Yes, you can call the same object-groups in the access-list, as long as there's only 1 access-list applied on that interface in one direction.

Hope this helps!

Regards,

Anu

sgoethals1 · ‎07-21-2011

Thank you. That is what I was hoping for. I will have two different ACLs, each bound to a different interface allowing traffic from the outside in, and was hoping that these two ACLs could be configured to use the same object groups.