A service group can be made up of one or more service objects representing one or more protocols.
Procedure
Step 1 | In the left pane, click Objects > ASA
Objects. |
Step 2 | Click . |
Step 3 | Enter an object name. |
Step 4 | Select Create a service group. |
Step 5 | Add an existing object by clicking Add Object, selecting an object, and clicking Select. Repeat this step to add more objects. |
Step 6 | If needed, add an extra individual service type value to the service group
-
For TCP, UDP, and TCP-UDP service types, enter a source port, destination port, or both:
-
The source port identifier allows you to match traffic originating from a particular numbered port. In the source port identifier, select an operator: equal to, range, less than, greater than, or not equal to and provide the appropriate port number or range.
-
The destination port identifier allows you to match traffic arriving at a particular numbered port. In the destination port identifier, select an operator: equal to, range, less than, greater than, or not equal to and provide the appropriate port number or range.
-
For Protocol service types, enter a protocol number between 0-255, or a well-known name, such as ip, tcp, udp, gre, and so forth.
|
Step 7 | To add more individual port values, click Add Another Value and repeat step 6. |
Step 8 | Click Add when you are done adding service objects and service values to the service group. |