Hi All,

This is the default inspection template I use:

class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 4096
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect xdmcp
inspect pptp
inspect icmp error
inspect icmp
inspect ipsec-pass-thru
policy-map type inspect ftp FTP-strict
parameters
mask-banner
mask-syst-reply
!
service-policy global_policy global

Does this policy run on every interface on the ASA, or just the outside interface?