HP VPN Firewall Appliances Access Control Configuration Guide
69
Figure 61 Importing the configurations
Configuring the service resource at the CLI
Service resource is also referred to as service objects at the CLI:
• Service object—A service object comprises a single protocol.
• Service group object—A service group object comprises service objects, service group objects, or
both.
In addition to service object and service group object, there are also IP object, IP address group object,
MAC address object, and MAC address group object at the CLI. For more information about these
objects, see "Configuring address resource."
One group object can comprise other group objects, and a member group object can also comprise
other group objects. However, no further iteration is allowed and a group object cannot be a member of
itself. For example, if object object3 is a member of group object object2, which is a member of group
object object1, object3 cannot be a group object and object1 cannot be a member of object2.
On a VD, you can configure different categories of objects, and configure multiple objects for each
category. Each object on a VD is uniquely identified by its name. For more information about VDs and
the switchto vd command, see System Management and Maintenance Command Reference.
Configuring a service object
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter VD system
view.
switchto vd vd-name
Required only when you are first logged in to the
system view of the default VD and want to configure
an object for a non-default VD.
3. Create a service
object and enter
service object view.
object service name
By default, there are some system pre-defined service
objects on the device, which cannot be deleted or
changed. To view the system pre-defined service
objects, use the display object service default
command.
If the object already exists, you enter its view.
4. Configure a
description for the
object.
description
description-string
Optional.
By default, no description is configured for an object.