1-7
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Objects
Configuring Objects
Detailed Steps
Command Purpose
Step 1
object-group service grp_id
Example:
hostname(config)# object-group service
services1
Adds a service group. The grp_id is a text string up to 64
characters in length and can be any combination of letters, digits,
and the following characters:
• underscore “_”
• dash “-”
• period “.”
The prompt changes to service configuration mode.
Step 2
Add one or more of the following group members:
service-object protocol
Example:
hostname(config-service)# service-object
ipsec
Identifies the protocol name or number, between 0 and 255.
service-object {tcp | udp | tcp-udp}
[source operator number]
[destination operator number]
Example:
hostname(config-service)# port-object eq
domain
You can specify the source and/or destination ports, between 0
and 65535. For a list of supported names, see the CLI help. Valid
operators include:
• eq—Equals the port number.
• gt—Greater than the port number.
• lt—Less than the port number.
• neq—Not equal to the port number.
• range—A range of ports. Specify two numbers separated by
a space, such as range 1024 4500.
service-object {icmp [icmp_type
[icmp_code]] | icmp6 [icmp6_type
[icmp_code]]}
Example:
hostname(config-service)# port-object eq
domain
Specifies that the service type is for ICMP or ICMPv6
connections. You can optionally specify the ICMP type by name
or number, between 0 and 255.
The optional icmp_code specifies an ICMP code, between 1 and
255.
service-object object name
Example:
hostname(config-service)# port-object eq
domain
Specifies a service object name, created with the object service
command.
To Next Page
Loading...
Need help?
General
