I want to create a security model where one vlan is more trusted than the other (Like Pix/ASA or a router with inspection enabled). However, when i want to create a TCP or UDP inspection i can only select between a limited number of protocols.
I've created 2 class maps :
class-map match-all TCP_INSPECT
2 match port tcp any
class-map match-all UDP_INSPECT
2 match port udp any
The combined them into a policy-map :
policy-map multi-match INSPECTION
However when i enter the policy-map\TCP_INSPECT i can only choose between : dns Configure dns inspection ftp Configure ftp inspection http Configure http inspection icmp Configure icmp inspection rtsp Configure rtsp inspection
However, i do have for example SMB traffic running from one vlan to the other. How can i inspect that traffic so i don't have to enter an extra access-list entry ?