!This portion cleans up/removes the existing IP's that may be stale - be removing the object group. We store one object group in another, as then we can just keep the parent object group in the ACL and modify it's sub-items. action 1.1 cli command "o...

2 reasons   1# if you add hostname to the ACL - it immediately resolves and adds the IP to the ACL, not the hostname. (same for object groups)   2# If it were to keep hostname in the ACL - every single packet that reaches that ACE within the ACL will...

I put a little EEM together to achieve this. It's pretty easy.   conf t !You should use an internal DNS server (safer) ip name-server 8.8.8.8 object-group network DDNS-ALLOW event manager applet DDNS-UPDATE !300 seconds is 5 minutes event timer w...