- PIX object-groups automatically created named "_ref" ?
- Posted by thefunnel@aol.com on October 15th, 2007
Hi,
After upgrading our PIX 525 from version 6 to 8 I noticed the access-
lists and object-group command behaviour has changed - it no longer
automatically creates "reference" access-groups ending with "_ref"
Previously I created inbound access-lists (via PDM) referencing the
inside server names and the PIX automatically created a "reference"
access-lists/object-groups that matched the outside NAT'ed addresses.
For example:
Name 192.168.10.10 SERVER1 (inside name)
object-group network INSIDE-SERVER (object -group with inside name)
network-object SERVER1 255.255.255.255
object-group network INSIDE-SERVER_ref (automatically created object
group matching outside NAT)
network-object 10.10.10.10 255.255.255.255
access-list outside_access_in permit tcp any object-group
INSIDE_SERVER_ref eq http (access-list using the _ref" version)
For some reason version 8 does not do this? Any suggestions would be
appreciated.
Paul
- Posted by Walter Roberson on October 17th, 2007
In article <1192457158.191874.295810@i13g2000prf.googlegroups .com>,
thefunnel@aol.com <thefunnel@aol.com> wrote:
No, the PIX never did that. However, PDM might have created those
for you.
- Access to the "Created by" of an object in Workflow rule (Windows CRM) by Eric
- Simon Cowell bored with music industry , "rubbish" and "manufactured" groups hogging the airwaves (Audio, MP3 & Music) by FunkyDevil
- in Word, Photo Editor not on "object type" list in Insert|Object (Home and office) by magda
- Failed to open a named "Event Object" created by another process (Development Resources) by Kenji Chan
- "Error is being created"; "Page Fault In Non Paged Area" (Windows 2000) by ravic
