Based on the document you provided. You want the service object group to be applied on the source addresses. Object group won't work the way you want. It's because of the service object group can be only applied on the destination. Why? If you read that document clearly. It says that the service object group is only to replace the protocol keyword in ACE. You can't use the service object group after the eq keyword. (grin)
The network object group is simply used as Src or Dest IP addresses in ACE.
The example provided by Collin is the correct syntax for permiting host 192.168.50.100 to go to any IP address with WebServices. It's something like this "permit ip host 192.168.50.100 any eq [www&443]"
It still doesn't make sense to me. I want to understand why I can't issue the command 'permit tcp object-group my_network_object_group object-group
my_service_object_group any' like in the document. After the network object group I'm only allowed to issue another network object group. The syntax supplied in the document looks like I can use it the way I need to but it simply doesn't work. Here's what I see:
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...