Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
829
Views
0
Helpful
2
Replies

Service Objects and Groups in ASDM

Go to solution
Kevin Melton
Level 2
Level 2

‎05-10-2010 10:13 AM - edited ‎03-11-2019 10:43 AM

I have been using ASDM for some time

now.  I have always had a quesiton about what exactly Service Groups are that are built using the Service type TCP/UDP vs.  ones that are specifically TCP or UDP.  Out of fear I have always built Service Groups for TCP only or for UDP only.

Lets say I need a Service Group that needs ports 102, 20000, and 21000 in it, but I am unsure if the ports need to be UDP or TCP.  If I create the Service Group using type TCP/UDP, will it allow both TCP and UDP in for the specific port?

Thanks

Kevin

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-10-2010 10:26 AM 

k-melton wrote:
I have been using ASDM for some time
now.  I have always had a quesiton about what exactly Service Groups are that are built using the Service type TCP/UDP vs.  ones that are specifically TCP or UDP.  Out of fear I have always built Service Groups for TCP only or for UDP only.
Lets say I need a Service Group that needs ports 102, 20000, and 21000 in it, but I am unsure if the ports need to be UDP or TCP.  If I create the Service Group using type TCP/UDP, will it allow both TCP and UDP in for the specific port?
Thanks
Kevin

Kevin

Yes it would. In fact that is exactly what service objects are used for ie. so you don't have to create 2 separate groups, one for TCP and one for UDP. So you would configure "object-group service tcp-udp" and then simply use service-objects to add your ports.

Jon

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎05-10-2010 10:26 AM 

k-melton wrote:
I have been using ASDM for some time
now.  I have always had a quesiton about what exactly Service Groups are that are built using the Service type TCP/UDP vs.  ones that are specifically TCP or UDP.  Out of fear I have always built Service Groups for TCP only or for UDP only.
Lets say I need a Service Group that needs ports 102, 20000, and 21000 in it, but I am unsure if the ports need to be UDP or TCP.  If I create the Service Group using type TCP/UDP, will it allow both TCP and UDP in for the specific port?
Thanks
Kevin

Kevin

Yes it would. In fact that is exactly what service objects are used for ie. so you don't have to create 2 separate groups, one for TCP and one for UDP. So you would configure "object-group service tcp-udp" and then simply use service-objects to add your ports.

Jon

0 Helpful

Go to solution
Kevin Melton
Level 2
Level 2
In response to Jon Marshall

‎05-10-2010 11:03 AM

Jon

Thanks for the quick response!

Kevin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card