Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

5074
Views
0
Helpful
3
Replies
francoisverges
Beginner
Beginner
‎06-07-2013 03:13 PM
‎06-07-2013 03:13 PM

FQDN Object *.google.com in ASA

Hey everyone,

I know it is possible to define a FQDN objects in an ASA as shown in this document : https://supportforums.cisco.com/docs/DOC-17014

My question is, would it be possible to create a FQDN object using the "*" to desine everything (Ex: *.google.com to desine all the sub google URL) ?

In other words, would it be possible to do the following :

object network google.com

     fqdn *.google.com

I doubt it is possible but I just want to have a confirmation from you guys.

Thank you for your help.

François

Labels:
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions
Julio Carvajal
Advisor
Advisor
‎06-07-2013 03:16 PM
‎06-07-2013 03:16 PM

Hello Francois,

Hmm, does not look right, the FQDN is not a regex interpreter so I would say it will not do it,

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
3 REPLIES 3
Julio Carvajal
Advisor
Advisor
‎06-07-2013 03:16 PM
‎06-07-2013 03:16 PM

Hello Francois,

Hmm, does not look right, the FQDN is not a regex interpreter so I would say it will not do it,

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
francoisverges
Beginner
Beginner
In response to Julio Carvajal
‎06-10-2013 06:17 AM
‎06-10-2013 06:17 AM

Thank you for your reply.

I did some testing and I confirm that it is not possible :

asa(config)# object network google.com

asa(config-network-object)# fqd

asa(config-network-object)# fqdn *.google.com

ERROR: Invalid FQDN. FQDN must begin and end with a digit/letter. Only letters,   digits, and hyphen are allowed as internal characters. Labels are separated by a   dot.

0 Helpful
koolasice
Beginner
Beginner
In response to francoisverges
‎12-27-2018 06:57 AM
‎12-27-2018 06:57 AM

This should work like this ...

 

 

object network google.com.FQDN

 fqdn google.com

 

object-group network google.com.URL

 network-object object google.com.FQDN

 

0 Helpful
Latest Contents
Email Security - QuoVadis Root Certificate Decommission Migh...
Created by dmccabej on 03-30-2021 09:32 AM
0
0
0
0
Problem Description For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b... view more
ISE REST APIs Webinar: April 6/7, 2021
Created by thomas on 03-25-2021 07:57 PM
1
5
1
5
  Register Now Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli... view more
FMT 2.3.4 adding ASA migrations of S2S VPN in public beta
Created by William_Hansch on 03-22-2021 08:00 AM
1
10
1
10
The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA: Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center VP... view more
What's New for Cisco Defense Orchestrator (CDO)
Created by Andrew Mallio on 03-22-2021 04:40 AM
1
40
1
40
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.  We make improvement... view more
ISE Data limiting best practices
Created by Jonathan Casillas on 03-18-2021 04:34 PM
0
5
0
5
Intro This document presents the ISE data limiting best practices that can dramatically improve the system performance on ISE. Symptoms Your deployment may be impacted if the alarms tab on ISE shows High load average, high CPU or high memoy usage alarm... view more
Content for Community-Ad