Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
663
Views
0
Helpful
5
Replies

"name feature" on ASA5550 version 8.4(2)

Go to solution
Rosa Ladeira
Level 1
Level 1

‎02-17-2012 09:48 AM - edited ‎03-11-2019 03:31 PM

I have upgraded ASA5550 version from 7.2(4) to 8.4(2).

On version 7, I am used to "names" command, like this:

names

name 107.25.1.10 Picard

name 107.25.2.20 Administrativa

By addition, when configuring acls it was very usefull, for example:

access-list inside_access_out line 15 extended permit udp host Picard host 107.25.4.61 eq snmp

On version 8, I have verified that names replacement is no more available:

ASA(config)# access-list outside_access_in permit ip host ?

configure mode commands/options:

  A.B.C.D  Source host IP address

Is that true ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
varrao
Level 10
Level 10
In response to Rosa Ladeira

‎02-17-2012 10:24 AM

Hi Rosa,

In the version 8.3 or later, a new concept of host-based objects being used to reference singular objects by their names. So you might need to try:

object network  Picard

  host 107.25.1.10

access-list inside_access_out line 15 extended permit udp Picard host 107.25.4.61 eq snmp

I just checked it on my lab device and that's how you would need to do it.

Thanks,

Varun

Thanks,
Varun Rao

View solution in original post

0 Helpful
5 Replies 5

Go to solution
varrao
Level 10
Level 10

‎02-17-2012 10:00 AM

Hi Rosa,

Names command is still there in the version 8.4, you would first need to enable the names command on the device and then you should get the prompt for it.

names

here's the 8.4 command reference:

http://www.cisco.com/en/US/customer/docs/security/asa/asa84/command/reference/no.html#wp1812279

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
Rosa Ladeira
Level 1
Level 1
In response to varrao

‎02-17-2012 10:07 AM

Varun, I was not clear.

I can still use command names. Version 8 accepts name definifion.

What I am not able to do is to write acls using this names definitions.

On version 8, I have verified that names replacement is no more available:

ASA(config)#  conf t

ASA(config)# access-list outside_access_in permit ip host ?

configure mode commands/options:

A.B.C.D  Source host IP address    <------   you see ? only host IP address

0 Helpful

Go to solution
varrao
Level 10
Level 10
In response to Rosa Ladeira

‎02-17-2012 10:24 AM

Hi Rosa,

In the version 8.3 or later, a new concept of host-based objects being used to reference singular objects by their names. So you might need to try:

object network  Picard

  host 107.25.1.10

access-list inside_access_out line 15 extended permit udp Picard host 107.25.4.61 eq snmp

I just checked it on my lab device and that's how you would need to do it.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
Rosa Ladeira
Level 1
Level 1
In response to varrao

‎02-17-2012 10:37 AM

Varun, thanks a lot.

That is what I am looking for.

Regards,

Rosa

0 Helpful

Go to solution
Rosa Ladeira
Level 1
Level 1
In response to varrao

‎02-24-2012 09:00 AM

Hi Varun,

Thinking a little bit more about you said, can I ask you anything else?

You said:

"Names command is still there in the version 8.4, you would first need to enable the names command on the device and then you should get the prompt for it.

names"

I did and I was not succesfull.

Then, following your suggestion, I tried:

"object network  Picard

  host 107.25.1.10

access-list inside_access_out line 15 extended permit udp Picard host 107.25.4.61 eq snmp"

... and I got real results.

so, that is the question :

What is the real use for name command ? (Why is it still there?)

Thanks,

Rosa

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card