{"id":793,"date":"2024-12-07T11:25:55","date_gmt":"2024-12-07T08:25:55","guid":{"rendered":"https:\/\/itgen.itbumper.com\/?page_id=793"},"modified":"2024-12-08T03:08:15","modified_gmt":"2024-12-08T00:08:15","slug":"0026_cisco-aliases-and-groups","status":"publish","type":"page","link":"https:\/\/itgen.itbumper.com\/?page_id=793","title":{"rendered":"0026_Cisco: Aliases and Groups"},"content":{"rendered":"

Cisco<\/span> IOS<\/span> allows<\/span> you to use<\/span> aliases<\/span> and<\/span> groups<\/span> to<\/span> simplify<\/span> the configuration<\/span> and<\/span> management<\/span> of network<\/span> devices<\/span>.<\/span> This<\/span> makes<\/span> the commands<\/span> more<\/span> readable<\/span> and<\/span> easier<\/span> to<\/span> use<\/span>.<\/span><\/p>\n\n

\n#Aliases and groups in Cisco IOS\n\n#Aliases and groups can simplify the configuration and management \n#This makes the commands more readable and easier to use.\n\nenable\n\talias exec shint show ip interface brief\n\talias exec clrconf clear ip route *\n\talias exec pconfig ping 8.8.8.8\n\t\n\talias exec <alias> <command> \t#creates an alias shint for EXEC mode for show ip interface brief\n\tshow alias\t\t\t\t\t\t#to show all aliases\n\tunalias exec shint\t\t\t\t#to delete an alias shint\n\n\n#OBJECT GROUPS\n#Groups types\n#\t- IP Address Group \t\u2013 to combine IP addresses or networks into a group\n#\t- Protocol Group\t\u2013 to combine protocols into a group (TCP, UDP, ICMP etc).\n#\t- Service Group \t\u2013 to combine Services (ports) into a group (HTTP, FTP etc)\n\n#Example: IP address group\n#Create a group BRANCHES\n\t\tobject-group network BRANCHES\n\t\t\tdescription Branch offices\n\t\t\tnetwork-object 192.168.1.0 255.255.255.0\n\t\t\tnetwork-object 192.168.2.0 255.255.255.0\n\n#Use the group in the ACL\n\t\tip access-list extended ALLOW-BRANCHES\n\t\t\tpermit ip object-group BRANCHES any\n\t\t\t\n#Example: Service group\n#Create a group for HTTP and HTTPS\n\t\tobject-group service WEB-PORTS tcp\n\t\t\tport-object eq 80\n\t\t\tport-object eq 443\n\n#Use the group in the ACL\n\t\tip access-list extended ALLOW-WEB\n\t\t\tpermit tcp any any object-group WEB-PORTS\n\n#Example: Protocol group\n#Create a group for protocols ICMP \u0438 OSPF\n\t\tobject-group protocol ROUTING\n\t\t\tprotocol-object ospf\n\t\t\tprotocol-object icmp\n\n#Use the group in the ACL\n\t\tip access-list extended ROUTING-FILTER\n\t\t\tpermit object-group ROUTING any any\n\t\t\t\n#Advantages\n#Readability: Configurations become easier to understand\n#Ease of management: Changes in the group are immediately applied to all related policies\n#Enhanced security: Eliminates errors when manually entering IP addresses or ports\n#Shortening the configuration: Instead of repeating identical commands, you use group references\n\n\n\t\tobject-group network SUPPORT_IP\n\t\t\tnetwork-object 192.1.1.10\n\t\t\tnetwork-object 192.1.2.20\n\t\t\tnetwork-object 95.18.3.30\n\n\t\tip access-list extended SUPPORT_WAN\n\t\t\tpermit tcp object-group SUPPORT_IP any eq 990        ! FTPS\n\t\t\tpermit ip object-group SUPPORT_IP any gre            ! GRE\n\t\t\tpermit tcp object-group SUPPORT_IP any eq 80         ! HTTP\n\t\t\tpermit tcp object-group SUPPORT_IP any eq 443        ! HTTPS\n\t\t\tpermit udp object-group SUPPORT_IP any eq 500        ! IKE\n\t\t\tpermit icmp object-group SUPPORT_IP any echo         ! PING\n\t\t\tpermit tcp object-group SUPPORT_IP any eq 22         ! SSH_TCP\n\t\t\tpermit udp object-group SUPPORT_IP any eq 22         ! SSH_UDP\n\t\t\tpermit tcp object-group SUPPORT_IP any eq 23         ! TELNET\n\t\t\tpermit ip object-group SUPPORT_IP any ahp            ! AH\n\t\t\tpermit ip object-group SUPPORT_IP any esp            ! ESP\n\t\t\tpermit udp object-group SUPPORT_IP any eq 4500       ! NAT-T\n\n\n\n\t\tip access-list extended SUPPORT_WAN\n\t\t\tpermit tcp any any eq 990        ! FTPS\n\t\t\tpermit ip any any gre            ! GRE\n\t\t\tpermit tcp any any eq 80         ! HTTP\n\t\t\tpermit tcp any any eq 443        ! HTTPS\n\t\t\tpermit udp any any eq 500        ! IKE\n\t\t\tpermit icmp any any echo         ! PING\n\t\t\tpermit tcp any any eq 22         ! SSH_TCP\n\t\t\tpermit udp any any eq 22         ! SSH_UDP\n\t\t\tpermit tcp any any eq 23         ! TELNET\n\t\t\tpermit ip any any ahp            ! AH\n\t\t\tpermit ip any any esp            ! ESP\n\t\t\tpermit udp any any eq 4500       ! NAT-T\n<\/pre><\/div>","protected":false},"excerpt":{"rendered":"
Cisco IOS allows you to use aliases and groups to simplify the configuration and management of network devices. This makes the commands more readable and easier to use.<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"categories":[],"tags":[],"_links":{"self":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/793"}],"collection":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=793"}],"version-history":[{"count":2,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/793\/revisions"}],"predecessor-version":[{"id":805,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/793\/revisions\/805"}],"wp:attachment":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}