Create an ASA Service Group

A service group can be made up of one or more service objects representing one or more protocols.

Procedure


Step 1

In the left pane, click Objects.

Step 2

Click Create Object > ASA > Service.

Step 3

Enter an object name.

Step 4

Select Create a service group.

Step 5

Add an existing object by clicking Add Object, selecting an object, and clicking Select. Repeat this step to add more objects.

Step 6

If needed, add an extra individual service type value to the service group

  • For TCP, UDP, and TCP-UDP service types, enter a source port, destination port, or both:

    • The source port identifier allows you to match traffic originating from a particular numbered port. In the source port identifier, select an operator: equal to, range, less than, greater than, or not equal to and provide the appropriate port number or range.

    • The destination port identifier allows you to match traffic arriving at a particular numbered port. In the destination port identifier, select an operator: equal to, range, less than, greater than, or not equal to and provide the appropriate port number or range.

  • For Protocol service types, enter a protocol number between 0-255, or a well-known name, such as ip, tcp, udp, gre, and so forth.

Step 7

To add more individual port values, click Add Another Value and repeat step 6.

Step 8

Click Add when you are done adding service objects and service values to the service group.