ASA inspection questions

Hi Everybody,

In the ASA 5505 there is a default DNS inspection rule, like this:

policy-map type inspect dns preset_dns_map
      parameters
           message-length maximum 512

If I understand correctly, the inspection checks whether the data flows conform to the RFCs and other rules.

I would like to ask: if I make my own inspection policy, or add class-maps and actions to the above preset_dns_map, is the original inspection behavior (which checks the data flow against the RFCs) still available?

My second question: suppose there are several class-maps in a policy-map type inspect:

policy-map type inspect ftp ftp
     class ftp3
          log
     class ftp2
          log
     class ftp1
          log

If I add parameters to this 'policy-map type inspect ftp ftp', do the parameters apply to all the classes (in other words, do the parameters refer to the whole policy-map)?

Thank you

2 REPLIES

ASA inspection questions

Hello Mary Poppins

Yes, it's still available. In fact, if you want to get the default MPF, you run the command "clear configure fixup".

Second question:

Each of the layer 7 you set into the DPI policy will have its own action (you decide it to be the same, but it could be unique).

For Networking Posts check my blog at http://www.laguiadelnetworking.com/category/english/

Cheers,

Julio Carvajal Segura


Re: ASA inspection questions

Thank you for the answer.

For the second question: the question itself is not about the actions, but rather the parameters. For example:

policy-map type inspect ftp ftp
     class ftp1
          log
     class ftp2
          log
     parameters

So in this case, the parameters modify the behavior of the whole ftp (ftp1-2) inspection, am I right?

Or is a configuration like this possible?

policy-map type inspect ftp ftp
     class ftp1
          log
     parameters
     class ftp2
          log
     parameters

Sorry if it is obvious, I'm not a pro
