This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Is it possible to write a rule matching any IP ending in .xx

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Is it possible to write a rule matching any IP ending in .xx

Go to solution
Saqib
Not applicable

‎10-22-2014 12:27 AM

Hi all,

I have a question, is it possible to write a rule that matches only a part of the IP address? For example match any IP ending in .51? Using wildcards this would be  *.*.*.51


Put another way, i would like to match all IP's that are x.x.x.51 where x is any number. Someone in our teams suggested using 0.0.0.51/32 but this does not work, although there are 0.0.124.0 type rules in our firewall.

Can you clarify if it's possible to match on only a specific part of an IP address and if so how is this done?

Thank you!

Saqib

1 person had this problem.
0 Likes Likes
8 REPLIES 8

Go to solution
Saqib
Not applicable
In response to santonic

‎10-22-2014 02:20 AM

Thanks guys, this has been very helpful, I will contact out SE. (Sales Executive?) and ask for this feature.

0 Likes Likes

Go to solution
santonic
L5 Sessionator
In response to HULK

‎10-22-2014 03:27 AM

Is there a place where you can see all the feature requests?

0 Likes Likes

Go to solution
hshah
L6 Presenter
In response to santonic

‎10-22-2014 07:51 AM

Hi Santonic,

Customer dont have access to it, you can get that information either from forum or from TAC or from SE.

Regards,

Hardik Shah

0 Likes Likes

Go to solution
Usama-Ahmed
L1 Bithead

‎02-26-2021 11:21 AM

Wildcard IP objects are supported as of PAN-OS 9.0. Please see the documentation below on it. 

 

Also, please do watch out for the longest prefix match limitation/caveat.

 

https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/networking-features/wildcard-addres...

 

You could do a match of x.x.x.51 Ip addresses via wildcard IP object of 10.0.0.51/255.255.255.0. 

Please do double-check my math. 

 

Also to my knowledge, you cannot add IP Wildcard addresses to address groups. 

 

Thanks

Usama Ahmed

 

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks