Does anyone know if its possible to use an IP object group in an extended acl and then apply that acl to a route map?
object-group network TestGroup 172.16.100.0 255.255.255.0 172.16.101.0 255.255.255.0 172.16.102.0 255.255.255.0 172.16.103.0 255.255.255.0
router bgp 65541 bgp router-id 192.168.199.254 bgp log-neighbor-changes no bgp default ipv4-unicast timers bgp 15 45 neighbor 192.168.199.253 remote-as 65542 neighbor 192.168.199.253 ebgp-multihop 5 neighbor 192.168.199.253 password 7 XXXXXXXXXXXXXXXXXXXXXX ! address-family ipv4 redistribute connected neighbor 192.168.199.253 activate neighbor 192.168.199.253 default-originate neighbor 192.168.199.253 capability orf prefix-list send neighbor 192.168.199.253 soft-reconfiguration inbound neighbor 192.168.199.253 route-map OutboundBGP out exit-address-family ! ip forward-protocol nd ip access-list extended PermitRoute permit ip object-group TestGroup any ! ! route-map OutboundBGP permit 10 match ip address PermitRoute match source-protocol connected
I can't seem to get this configuration to work and I'm not even sure its supported. This is Cisco IOS, NOT ASA and everything I appear to finding is either ASA specific to relates to policy-based routing or traffic filtering. I'm looking to specifically not have to create a separate large list one by one using wildcard masks when i already have a large object group configured for other use cases.
Any ideas or feedback would be appreciated and thanks.
Solved! Go to Solution.