ASA# sho run object-g service in-line | in 1433

                                 ^

ERROR: % Invalid input detected at '^' marker.

ASA#

Hello,

With command which I specified you can find an object which contains a service,

sh run object service in-line | i 1433

To find an object-group which contains 1433, will be easier in ASDM:

I attached a screenshot

I issued the command and firewall pointed to an error after the word service, meaning "in-line" is not one of the commands it expects after the word "service"

So what is the ASA version? Answer for object-group is ASDM.

Best Regards,

Eugene

Here's the command to find the object group name a port is in:

ASAXXX# show run object-group | in object-group | time-exceeded

object-group icmp-type ICMP_SVCS

icmp-object time-exceeded

Now you can find what else is in that object group:

ASAXXX# sho run object-group id ICMP_SVCS      

object-group icmp-type ICMP_SVCS

icmp-object echo-reply

icmp-object unreachable

icmp-object echo

icmp-object time-exceeded

icmp-object traceroute

and the access-list that object group is being used in:

ASAXXX# sho access-list | in ICMP_SVCS

access-list Access_List_Name line 5 extended permit icmp object-group ABCD object-group WXYZ object-group ICMP_SVCS

So if you know a port number, you can quickly find out what object group and what access list is allowing that port.