Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Difference between protocol object group and service object group?

What is the difference in defining a protocol object group as oppossed to a service object group? They both appear to open up specific ports for an application. Why use one rather than the other?

2 REPLIES
Cisco Employee

Re: Difference between protocol object group and service object

The protocol object group is used to specify a protocol(s) to be defined in an ACL or conduit. This object group can be used as the protocol type only in the associated ACL or conduit.

The service object group is used to specify specific or ranges of TCP and/or UDP ports to be defined in an ACL or conduit. This object group can be used as either the source port(s) or destination port(s) in the associated ACL/conduit

More info / examples on the below url;

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml

Hope this helps,

Yatin

New Member

Re: Difference between protocol object group and service object

As I understand, we can simply define them as:

Protocol object-group- layer 3 (to define protocols like ip, esp, gre etc)

Service object-groups - layer 4 (to define port numbers under tcp, udp or both)

Best regards / Sampath.

Srengarajan@att.com

664
Views
0
Helpful
2
Replies
CreatePlease login to create content