Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Need help with an object-group on PIX 506

I need to group the following ports for a VoIP device.

514 UDP

1194 UDP

3480 UDP

49000-50000 UDP

443 TCP

I obviously don't want to make 1000+ entries in the PIX config, and I'm a tad confused on the object-group and then how to apply it.

Single IP, translated from the interface to 192.168.1.5. What commands will I need? Thanks so much for any help.

3 REPLIES

Re: Need help with an object-group on PIX 506

object-group service VOIP_TCP tcp

port-object eq 443

!

object-gropu service VOIP_UDP udp

port-object eq 514

port-object eq 1194

port-object eq 3480

port-object range 49000 50000

!

access-list TESTACL permit tcp any any object-group VOIP_TCP

access-list TESTACL permit udp any any object-group VOIP_UDP

!

is this what you are looking for ?

Community Member

Re: Need help with an object-group on PIX 506

Yes. The config on this PIX is a bit older and using static/conduit commands (I know it's outdated). What is the static command for those port mappings?

Re: Need help with an object-group on PIX 506

sorry mark, I didn't get the static part of your question.

which code are you running btw ?

105
Views
0
Helpful
3
Replies
CreatePlease to create content