Create an ASA Network Group

A network group can contain IP address values, network objects, and network groups. When you are creating a new network group, you can search for existing objects by their name, IP addresses, IP address range, or FQDN and add them to the network group. If the object isn't present, you can instantly create that object in the same interface and add it to the network group. Network groups can contain both IPv4 and IPv6 addresses.

Note

If cloud-delivered Firewall Management Center is deployed on your tenant:

When you create a network object or group on the Objects > FTD Network Objects or Objects > FDM Objects or Objects > ASA Objects page, a copy of the object is automatically added to the Objects > Other FTD Objects page and vice-versa. In addition, an entry is created in the Devices with Pending Changes page for each on-prem management center with Discover & Manage Network Objects enabled, from which you can choose and deploy the objects to the on-prem management center on which you want these objects.

Procedure

Step 1

In the left pane, click Objects > ASA Objects.

Step 2

Click the blue plus button to create an object.

Step 3

Click ASA > Network.

Step 4

Enter an Object Name.

Step 5

Select Create a network group.

Step 6

(optional) Enter an object description.

Step 7

In the Values field, enter a value or object name. When you start typing, CDO provides object names or values that match your entry.

Step 8

You can choose one of the existing objects shown or create a new one based on the name or value that you have entered.

Step 9

If CDO finds a match, to choose an existing object, click Add to add the network object or network group to the new network group.

Step 10

If you have entered a value or object that is not present, you can perform one of the following:

  • Click Add as New Object With This Name to create a new object with that name. Enter a value and click the check mark to save it.

  • Click Add as New Object to create a new object. The object name and value are the same. Enter a name and click the check mark to save it.

  • Click Add Value to create an inline value without using an object. Enter a value and click the check mark to save it.

It's is possible to create a new object even though the value is already present. You can make changes to those objects and save them.

Note

You can click the edit icon to modify the details. Clicking the delete button doesn't delete the object itself; instead, it removes it from the network group.

Step 11

After adding the required objects, click Add to create a new network group.

Step 12

Preview and Deploy Configuration Changes for All Devices.