object-group ip address
object-group ip address
To define an IPv4 address object group or to enter object-group configuration mode for a specific IPv4-address
object group, use the object-group ip address command. To remove an IPv4-address object group, use the
no form of this command.
object-group ip address name
no object-group ip address name
Syntax Description
name
Command Default
None
Command Modes
Global configuration
Command History
Release
4.0(1)
Usage Guidelines
You can use IPv4 object groups in permit and deny commands for IPv4 access control lists (ACLs).
IPv4 address object groups are not directional. Whether group members match a source or destination address
or whether an object group applies to inbound or outbound traffic depends upon how you use the object group
in an IPv4 ACL.
This command does not require a license.
Examples
This example shows how to configure an IPv4 address object group named ipv4-addr-group-13 with two
group members that are specific IPv4 addresses and one group member that is the 10.23.176.0 subnet:
switch# configure terminal
switch(config)# object-group ip address ipv4-addr-group-13
switch(config-ipaddr-ogroup)# host 10.121.57.102
switch(config-ipaddr-ogroup)# 10.121.57.234/32
switch(config-ipaddr-ogroup)# 10.23.176.0 0.0.0.255
switch(config-ipaddr-ogroup)# show object-group ipv4-addr-group-13
switch(config-ipaddr-ogroup)#
Cisco Nexus 7000 Series Security Command Reference
518
10 host 10.121.57.102
20 host 10.121.57.234
30 10.23.176.0/24
Name of the IPv4 address object group, which can
be up to 64 alphanumeric, case-sensitive characters.
Modification
This command was introduced.
O Commands