cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

5069
Views
0
Helpful
3
Replies
francoisverges
Beginner

FQDN Object *.google.com in ASA

Hey everyone,

I know it is possible to define a FQDN objects in an ASA as shown in this document : https://supportforums.cisco.com/docs/DOC-17014

My question is, would it be possible to create a FQDN object using the "*" to desine everything (Ex: *.google.com to desine all the sub google URL) ?

In other words, would it be possible to do the following :

object network google.com

     fqdn *.google.com

I doubt it is possible but I just want to have a confirmation from you guys.

Thank you for your help.

François

1 ACCEPTED SOLUTION

Accepted Solutions
Julio Carvajal
Advisor

Hello Francois,

Hmm, does not look right, the FQDN is not a regex interpreter so I would say it will not do it,

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

3 REPLIES 3
Julio Carvajal
Advisor

Hello Francois,

Hmm, does not look right, the FQDN is not a regex interpreter so I would say it will not do it,

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

Thank you for your reply.

I did some testing and I confirm that it is not possible :

asa(config)# object network google.com

asa(config-network-object)# fqd

asa(config-network-object)# fqdn *.google.com

ERROR: Invalid FQDN. FQDN must begin and end with a digit/letter. Only letters,   digits, and hyphen are allowed as internal characters. Labels are separated by a   dot.

This should work like this ...

 

 

object network google.com.FQDN

 fqdn google.com

 

object-group network google.com.URL

 network-object object google.com.FQDN

 

Content for Community-Ad