Fortinet black logo

CLI Reference

config system service

config system servicegrp

Use this command to create the service group objects that you use to specify matching services in policies.

The following policies use service group objects:

  • Link Load Balance policies
Basic Steps
  1. Create service group objects.
  2. Specify them when you configure your policies.

Before you begin:

  • You must have read-write permission for system settings.
  • You must have created service objects.

Syntax

config system servicegrp

edit "servicegrp-name"

set member-list <A> <B> <C>

end

servicegrp-name

The name of the service-group.
member-list

List of supported system services, which include the following:

  • HTTP
  • HTTPS
  • ICMP
  • TELNET
  • SSH
  • FTP
  • SMTP
  • SMTPS
  • IMAP
  • IMAPS
  • POP3
  • POP3S
  • DHCP
  • DNS
  • NTP
  • SNMP
  • SNMP_TRAP
  • SYSLOG
  • LDAP
  • LDAPS
  • RADIUS
  • RADIUS_OLD
  • KERBEROS
  • SMB
  • SAMBA
  • MYSQL
  • GRE
  • ALL
  • service1

Example

config system service

edit "http"

set protoco-type tcp

set specify-source-port enable

set source-port-min 1

set source-port-max 65535

set destination-port-min 80

set destination-port-max 80

next

edit "icmp"

set protoco-type icmp

next

end

config system servicegrp

edit "servicegrp_test"

set member-list HTTP ICMP

next

end

config system addrgrp

edit "1"

set member-list 10_10 10_20

next

end

config system addrgrp6

edit "v6_1"

set member-list v6_10 v6_20

next

end

config system service

config system servicegrp

Use this command to create the service group objects that you use to specify matching services in policies.

The following policies use service group objects:

  • Link Load Balance policies
Basic Steps
  1. Create service group objects.
  2. Specify them when you configure your policies.

Before you begin:

  • You must have read-write permission for system settings.
  • You must have created service objects.

Syntax

config system servicegrp

edit "servicegrp-name"

set member-list <A> <B> <C>

end

servicegrp-name

The name of the service-group.
member-list

List of supported system services, which include the following:

  • HTTP
  • HTTPS
  • ICMP
  • TELNET
  • SSH
  • FTP
  • SMTP
  • SMTPS
  • IMAP
  • IMAPS
  • POP3
  • POP3S
  • DHCP
  • DNS
  • NTP
  • SNMP
  • SNMP_TRAP
  • SYSLOG
  • LDAP
  • LDAPS
  • RADIUS
  • RADIUS_OLD
  • KERBEROS
  • SMB
  • SAMBA
  • MYSQL
  • GRE
  • ALL
  • service1

Example

config system service

edit "http"

set protoco-type tcp

set specify-source-port enable

set source-port-min 1

set source-port-max 65535

set destination-port-min 80

set destination-port-max 80

next

edit "icmp"

set protoco-type icmp

next

end

config system servicegrp

edit "servicegrp_test"

set member-list HTTP ICMP

next

end

config system addrgrp

edit "1"

set member-list 10_10 10_20

next

end

config system addrgrp6

edit "v6_1"

set member-list v6_10 v6_20

next

end