We have an ASA 5520 running 7.2(2). I am familiar with the Pix and 6.3 but am just getting to know the ASA and 7.x. Here is my problem. We have an internal user who connects to an outside server via http. Fine no problem, now this http session spawn off another session on tcp port 2000 and this is a problem as the ASA then inspects this session, it is not a "skinny" session so the ASA kills it. If we turn off " inspect skinny" then it works correctly. Global removal of the "inspect skinny" is not an option for us, so how can I selectivtly remove the "inspect skinny" from this one conversion. It seems as if MPF should allow this but I can not seem to find the right combination of "class, policy maps" and service-policy to accomplish the task. Any guidance would be appreciated.