Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Service Group syntax

Posted on 2004-08-26
3
427 Views
Last Modified: 2008-03-06
Quick and easy for someone to check.........

please see the following

name x.x.x.x OracleServer1
name x.x.x.x OracleServer2
name x.x.x.x OracleServer3
name x.x.x.x OracleServer4
name x.x.x.x OracleServer5
name x.x.x.x OracleServer6
object-group network Oracle_11i-Printers
  network-object 172.16.1.94 255.255.255.255
object-group network Oracle_Server_Cluster
  description Servers for the Oracle 11i Financial System
  network-object OracleServer1 255.255.255.255
  network-object OracleServer2 255.255.255.255
  network-object OracleServer3 255.255.255.255
  network-object OracleServer4 255.255.255.255
  network-object OracleServer5 255.255.255.255
  network-object OracleServer6 255.255.255.255  
object-group service ports tcp
  port-object eq 80
  port-object eq 515
  port-object eq 1521
  port-object eq 1522
  port-object eq 1525
  port-object eq 1527
  port-object eq 1535
  port-object eq 1536
  port-object eq 7000
  port-object eq 7005
  port-object eq 7015
  port-object eq 7035
  port-object eq 7777
  port-object eq 8000
  port-object eq 8005
  port-object eq 8015
  port-object eq 8035
  port-object eq 8800
  port-object eq 8805
  port-object eq 8815
  port-object eq 8835
  port-object eq 9000
  port-object eq 9005
  port-object eq 9015
  port-object eq 9035
  port-object eq 9100
  port-object eq 15000
  port-object eq 15005
  port-object eq 15015
  port-object eq 15035
static (inside,outside) x.x.x.x 172.16.1.94 netmask 255.255.255.255 0 0
access-list outbound permit tcp 172.16.0.0 255.255.0.0 object-group Oracle_Server_Cluster object-group Ports
access-list inbound permit tcp object-group Oracle_Server_Cluster object-group Oracle_11i-Printers eq 9100
access-list inbound permit tcp object-group Oracle_Server_Cluster object-group Oracle_11i-Printers eq 515


Before I upload this have I got the syntax right for the ports service group?

Pete






0
Comment
Question by:Pete Long
  • 2
3 Comments
 
LVL 36

Expert Comment

by:grblades
ID: 11902227
It looks correct apart from this line :-
access-list outbound permit tcp 172.16.0.0 255.255.0.0 object-group Oracle_Server_Cluster object-group Ports
You haven't specified the destination network and you have a capital 'p' in 'ports'.
I think you might mean:-
access-list outbound permit tcp 172.16.0.0 255.255.0.0 object-group Oracle_Server_Cluster any object-group ports
0
 
LVL 57

Author Comment

by:Pete Long
ID: 11906732
OK hang on

access-list outbound permit tcp 172.16.0.0 255.255.0.0 object-group Oracle_Server_Cluster object-group Ports
                                                                                         ^^^^^^^^^^^^^^^^^^

destination network as per

object-group network Oracle_Server_Cluster

or am I being numb? (this is not unusual)


fair one on the "P" though LOL
0
 
LVL 36

Accepted Solution

by:
grblades earned 500 total points
ID: 11908324
Sorry my mistake. It should be the following (just the ports word corrected)

access-list outbound permit tcp 172.16.0.0 255.255.0.0 object-group Oracle_Server_Cluster object-group ports
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question