Filter
Top Products
13-11
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 13 Configuring Objects
Configuring Objects and Groups
You only need to specify the admin object group in your ACE as follows:
hostname (config)# access-list ACL_IN extended permit ip object-group admin host
209.165.201.29
Removing Object Groups
You can remove a specific object group or remove all object groups of a specified type; however, you
cannot remove an object group or make an object group empty if it is used in an access list.
Detailed Step
Monitoring Objects and Groups
To monitor objects and groups, enter the following commands:
Step 1
Do one of the following:
no object-group grp_id
Example:
hostname(config)# no object-group
Engineering_host
Removes the specified object group. The grp_id is a text string up
to 64 characters in length and can be any combination of letters,
digits, and the following characters:
• underscore “_”
• dash “-”
• period “.”
clear object-group [protocol | network |
services | icmp-type]
Example:
hostname(config)# clear-object group
network
Removes all object groups of the specified type.
Note If you do not enter a type, all object groups are removed.
Command Purpose
show access-list
Displays the access list entries that are expanded
out into individual entries without their object
groupings.
show running-config object-group
Displays all current object groups.
show running-config object-group grp_id
Displays the current object groups by their group
ID.
show running-config object-group grp_type
Displays the current object groups by their group
type.