Firewall Feature Set Commands
16-126 Configuring Security
Syntax of the “no” Form
ThenoformofthiscommandsetsthedefaultRPCtimeoutvalue:
no ip firewall rpc timeout
Default
5seconds
Mode
Globalconfiguration:XSR(config)#
Example
ThefollowingexampleresetstheMicrosoftRPCidletimeoutintervalto10minutes:
XSR(config)#ip firewall rpc microsoft-rpc timeout 6000

ip firewall service

Thiscommanddefinesaserviceobjectwhichreflectsanapplication,itstransportprotocol(TCPor
UDP),protocoltypeandportnumberranges.TheXSRsupportsanumberofpredefinedservices
whichcanbeviewedwithshow ip firewall user-services.Servicescanbedirectlycitedin
policyobjectsoryoucanaddyourownservice.IntrinsicservicesANY_TCPandANY_UDPare
availableforallTCPorUDPports.
Aserviceiscomprisedofasourceanddestinationportrange,andprotocol.Forflexibility,port
rangescanbespecifiedusingqualifierssuchaseq,ltandgtwhicharealsoavailablefor
configuringaccesslists.
Anameforanyfirewallobjectmustusethesealphanumericcharactersonly:A‐Z(upperorlower
case),0‐9,-(dash),or _(underscore).Also,allfirewallobjectnamesarecasesensitive.
Syntax
ip firewall service name <source-port-range> <dest-port-range> <protocol>
ip firewall service name {eq <0-65535> | gt <0-65535> | lt <0-65535> | range <0-
65535> <0-65535>} {eq <0-65535> | gt <0-65535> | lt <0-65535> | range <0-65535> <0-
65535>}{tcp | udp}
Note: The show ip firewall service command displays pre-defined services.
name Nameoftheprotocol,nottoexceed16characters.
eq Portrangeequalsnumberspecified.
gt Portrangeisstrictlygreaterthanthenumberspecified,andlessthanor
equalto65535.
lt Portrangeisstrictlylessthanthenumberspecified.
range Explicitportrangewiththestartandendrangesspecified:<065535>
tcp or udp protocol Transportprotocol.Theprotocolvalueiscasesensitive.