Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
1
Replies

object-group command for udp and tcp ports

cuattc
Level 1
Level 1

‎10-04-2002 08:26 AM - edited ‎03-09-2019 12:34 AM

Just checking on this command:

object-group service grp_id {tcp | udp | tcp-udp}

and the description of tcp-udp

Specifies that service group can be used for TCP and UDP.

Is there a way to use this or some other combination to add UDP and TCP ports to the same service group vs. opening up both UDP and TCP to the ports listed.

For example you may want to have UDP 88 and TCP 445 in the same group but not UDP 88, TCP 445 AND TCP 88 and UDP 445.

Labels:
0 Helpful
1 Reply 1

thisisshanky
Level 11
Level 11

‎10-04-2002 01:06 PM

in cases where you want both udp 88 and tcp 88 and tcp 445 and udp 445, you can go for the tcp-udp clause

otherwise you should specifically define them with tcp or udp clauses

for ex:

config)# object-group service test tcp-udp

(config-service)# port-object range 1024 65535

(config-service)# exit

This helps in defining a object group by name test, which specifies a range of Tcp and UDPports, which can be used in ACLs or conduits.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful
Customers Also Viewed These Support Documents