Extended Access List
Location in GUI: Objects » Object Management » Access List » Extended
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”objects (fmc.domains)
Section titled “objects (fmc.domains)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| extended_access_lists | List | [extended_access_lists] | No |
extended_access_lists (fmc.domains.objects)
Section titled “extended_access_lists (fmc.domains.objects)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[a-zA-Z0-9_.+-]{1,64}$ | Yes | |
| logging | Choice | PER_ACCESS_LIST_ENTRY, DEFAULT, DISABLED | No | DISABLED |
| log_level | Choice | ALERT, CRIT, DEBUG, EMERG, ERR, INFORMATIONAL, NOTICE, WARNING | No | INFORMATIONAL |
| log_interval | Integer | min: 1, max: 600 | No | 300 |
| entries | List | [entries] | Yes |
entries (fmc.domains.objects.extended_access_lists)
Section titled “entries (fmc.domains.objects.extended_access_lists)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| action | Choice | DENY, PERMIT | Yes | |
| logging | Choice | PER_ACCESS_LIST_ENTRY, DEFAULT, DISABLED | Yes | |
| destination_network_literals | List | String | No | |
| destination_network_objects | List | String | No | |
| destination_port_literals | List | [destination_port_literals] | No | |
| destination_port_objects | List | String | No | |
| source_network_literals | List | String | No | |
| source_network_objects | List | String | No | |
| source_sgt_objects | List | String | No | |
| source_port_literals | List | [source_port_literals] | No | |
| source_port_objects | List | String | No |
destination_port_literals (fmc.domains.objects.extended_access_lists.entries)
Section titled “destination_port_literals (fmc.domains.objects.extended_access_lists.entries)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| port | Integer | min: 1, max: 65535 | Yes | |
| protocol | Choice | TCP, UDP | Yes |
Examples
Section titled “Examples”Prerequisites:
fmc: domains: - name: Global objects: hosts: - name: MyHostName1 ip: 10.10.10.10 networks: - name: MyNetworkName1 prefix: 10.10.10.0/24 ports: - name: MyPortName1 port: 8080 protocol: TCP sgts: - name: MySGTName1 tag: 123Extended Access List:
fmc: domains: - name: Global objects: extended_access_lists: - name: MyExtendedACLName1 entries: - action: PERMIT logging: DEFAULT source_network_literals: - 13.13.13.13 source_network_objects: - MyHostName1 source_port_literals: - protocol: TCP port: 8080 source_port_objects: - MyPortName1 source_sgt_objects: - MySGTName1 destination_network_literals: - 13.13.13.13 destination_network_objects: - MyNetworkName1 destination_port_literals: - protocol: TCP port: 8080 destination_port_objects: - HTTPS