Creating Service objects and groups in command line interface for 5.9 & 6.1 and above

03/26/2020 17 People found this article helpful 477,490 Views

Description

This article illustrates how to create Service objects and Service groups using the Command Line Interface (CLI) of the SonicOS Enhanced 5.9 & above firmware

NOTE: You need to commit after any configuration to save the settings. Also you need to configure address object in Configuration mode.

Creating a Service Object
Creating a Service Group
Editing a Service Object
Editing a Service Group
Deleting a Service Object
Deleting a Service Group

Resolution

Login to the SonicWall CLI using either SSH or Serial connection.
Enter the Administrator Username and Password.
You will be presented with the root prompt of the CLI.
Type configure <enter> to enter the device configuration mode.

Creating a Service Object

The below command is used to create new service object for TCP 5000 port

config (0017C53E8C94) # service-object "TCP 5000"
(add-service-object [TCP 5000]) # tcp 5000 5000
(add-service-object [TCP 5000]) # commit
% Applying changes ...
%changes made .
(edit-service-object [TCP 5000]) # exit
Creating a Service Group

The below command is used to create new service Group with HTTP & HTTPS as members.

config (0017C53E8C94) # service-group "Web Service"
(add-service-group [Web Service]) # service-object "HTTP"
(add-service-group [Web Service]) # service-object "HTTPS"
(add-service-group [Web Service]) # commit
% Applying changes ...
%changes made .
(edit-service-group [Web Service]) # exit
Editing a Service Object

The below command is used to change service object which has port number as TCP 5000 to TCP (5000 to 5005)

config (0017C53E8C94) # service-object "TCP 5000"
(edit-service-object [TCP 5000]) # tcp 5000 5005
(edit-service-object [TCP 5000]) # commit
% Applying changes ...
%changes made .
(edit-service-object [TCP 5000]) # exit
Editing a Service Group

The below command is used to add SSH & SNMP services to the existing service group named "Web Service".

config (0017C53E8C94) # service-group "Web Service"
(edit-service-group [Web Service]) # service-object "SSH"
(edit-service-group [Web Service]) # service-object "SNMP"
(edit-service-group [Web Service]) # commit
% Applying changes ...
% changes made .
(edit-service-group [Web Service]) # exit
Deleting a Service Object

The below command is used to delete service object with name "TCP 5000"

config (0017C53E8C94) # no service-object "TCP 5000"
config (0017C53E8C94) # commit
% Applying changes ...
% changes made .
config (0017C53E8C94) #
Deleting a Service Group

The below command is used to delete service group with name "Web Service"

config (0017C53E8C94) # no service-group "Web Service"
config (0017C53E8C94) # commit
% Applying changes ...
%changes made .
config (0017C53E8C94) #