ASA SQLNET Inspect

Unanswered Question
Oct 12th, 2009
User Badges:

Hi Experts ,


I would appreciate if you can please answer this , I have a bit confustion about what is the difference between ASA inspect and Pix Fixups ,


As far as i Know it is used for special application handeling like Ftp data stream goes out on one port and listen back on different port, to handle thesetype of applications responce we need fixups.


My main consern is this what inpect do in ASA's , As it is said on the cisco document it dose some deeep packet inspection ?


Because i allowes SQL net inspection rule on one of my Newly installed ASA 5510 with IOS 8.4(4) and it start dropping dropping my SQL Server access from outside to inside , as soon as i disbale this ispection rule it started working . Any idea why this happened



Thnaks in anticipation


Kash


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
slug420 Wed, 10/14/2009 - 06:39
User Badges:

pretty sure we still have sqlnet problems even in 8.2.1


The connections dont drop, its just that *some* jobs (I am not a DBA so i dont remember off the top of my head what type it was) just take waaay longer. Like 4 hours instead of 15 minutes. We had to use class maps to apply sqlnet inspection to the traffic that needed it (due to the FTP-like behavior of SQL) while leaving it off for the traffic it was slowing down.

Actions

This Discussion