Complete the following steps to configure an object group and to
use it in the configuration of ACLs:
Step 1 Use the
object-group command to enter the appropriate subcommand
mode for the type of group to be configured. All subcommands entered from the
subcommand prompt apply to the object group identified by the
object-group command.
Step 2
In subcommand mode, define the members of the object group. In subcommand mode,
object grouping subcommands as well as all other PIX Security Appliance
commands can be entered, including show commands and
clear commands. Enter a question mark
(?) in the subcommand mode to view the permitted
subcommands.
Step 3 (Optional) Use the
description subcommand to describe the object
group.
Step 4 Return to configuration mode by
entering the exit command or the quit
command. When any valid configuration command other than one designed for
object grouping is entered, the subcommand mode is terminated.
Step 5 (Optional) Use the show
object-group command to verify that the object group has been
configured successfully. This command displays a list of the currently
configured object groups of the specified type. Without a parameter, the
command displays all object groups.
Step 6
Apply the object group to the access-list command. Replace
the parameters of the access-list command with the
corresponding object group, as summarized in Figure
.
Step 7 (Optional) Use the show
access-list command to display the expanded ACEs.