Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 7.0 Object-group command question 1

Status
Not open for further replies.
desperado618

desperado618

MIS
Sep 21, 2004
105
US
What command will display the contents of an object-group in 7.0?
I know "sh ru | grep object-group" will display the names of all of the object groups, but I would like to also see the contents.
 
Sort by date Sort by votes
sh ru | grep object
will show all lines with object in them so it will bring up all the group-objects as well as the lines underneath them. You won't get the comments but that is it. You will also have the lines in your config that use those objects.


Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
That is true however this particular PIX has hundreds of objects. So I was hoping to be able to grep a particular object-group and have its contents displayed.
 
Upvote 0 Downvote
Unfortunately that's not how the grep works. You can do
sho run | begin [groupname]
and just let that page display, but other than that - out of luck.



Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
I found a better answer for you -
show run | include object | exclude access

I didn't think of multiple pipes, but it works they way I think you want.


Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
That's better still. I never noticed that - is that new for 7x?

And that deserves a star.

Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
Unfortunately "show running-config object-group OBJECTGROUPNAME" will only show me the name of the object not the contents.
There has to be an equlivent to "sh object-group network <objname>" in 7.0. It cannot be this had to simply display the contents of on object group.


Also "show run | include object | exclude access" will only show me where this object group appears in the running config.

Here is an example of the sh object-group command in 6.3

object-group network XYZ
network-object 1.2.3.4 255.255.255.240
network-object 1.2.3.5 255.255.255.240
network-object 1.2.3.6 255.255.255.248
network-object 1.2.3.7 255.255.255.240



To get this information in 7.0 I would have to sift through the entire Running config.
 
Upvote 0 Downvote
This works a bit better. Finally got my ASA at home up and running. :)

ciscoasa(config)# sh run object-group id testnetwork
object-group network testnetwork
network-object 192.168.0.0 255.255.255.0
network-object 192.168.2.0 255.255.255.0
network-object 192.168.3.0 255.255.255.0
ciscoasa(config)#


Free Firewall/Network/Systems Support-
 
Upvote 0 Downvote
The command below displays all NETWORK type object groups

ciscoasa(config)# sh run object-group network
object-group network testnetwork
network-object 192.168.0.0 255.255.255.0
network-object 192.168.2.0 255.255.255.0
network-object 192.168.3.0 255.255.255.0


Free Firewall/Network/Systems Support-
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jim_bmx
  • Locked
  • Question
sh proxy command
Replies
0
Views
793
jim_bmx
jim_bmx
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
833
intel233
intel233
mackland1903
  • Locked
  • Question
Populate oblect group from DNS
Replies
1
Views
241
burtsbees
burtsbees
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
197
xwray
xwray
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
250
brownmab53
brownmab53

Part and Inventory Search

Sponsor

Back
Top