Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4637
Views
20
Helpful
5
Replies

Network Object Limit on Cisco FMC

Garry Cooper
Level 1
Level 1

‎12-06-2021 02:00 AM

So initially we deployed a pair of FTD's 4120's running 6.6.4.

We ran into an problem with limits to groups size as we have more than 100 entries in some of our groups.  We had to split the groups, ( each group had not more that 100 in each).

Since upgrading to 6.6.4 we can add more to some of these groups.

Has anyone got any info on this as info from cisco as I cannot find or is unavailable.

 

TIA

0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎12-06-2021 08:34 AM

yes that Limitation still i guess as for i know 6.6.X not sure 7.X  has any enhancement :

Looks some work around people doing :

 

https://community.cisco.com/t5/network-security/fmc-maximum-objects-in-an-object-group/td-p/3374958

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mpetty001
Level 1
Level 1

‎12-06-2021 10:02 AM

After looking at the link to an earlier forum thread posted by Balaji (BB), I have to say I'm more than a little disappointed (but obviously not surprised in the slightest) that Cisco has had customers asking for this information literally for years, along with the fact that Cisco themselves programmed those arbitrary limits into the Firepower operating system, and even *increased* the number of allowed entries in later versions (I've noticed that just like the original poster), yet apparently they haven't deigned it important enough to document those limits or changes anywhere, despite the fact that numerous customers have hit the object limits previously.

0 Helpful

nspasov
Cisco Employee
Cisco Employee

‎12-06-2021 11:21 AM

The limit (100) that you are hitting is for literal objects where you manually type/define and add the values to an object-group. If you don't use literals (Objects that are already created and saved in the FMC) then the limit is 2152 objects in an object-group. 

I hope this helps!

Thank you for rating helpful posts!

Thank you for rating helpful posts!

mpetty001
Level 1
Level 1
In response to nspasov

‎12-06-2021 11:33 AM

nspasov, thank you for following up! That clarification is very useful and good to know.

0 Helpful

nspasov
Cisco Employee
Cisco Employee

‎12-06-2021 12:30 PM

Sure thing! I know it is more work to define and save the objects and then use them but that way the limit is much higher. Also, you can use the RestAPI or import to take care of bulk creations. 

Thank you for rating helpful posts!

Thank you for rating helpful posts!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card