Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

doubt with max classes limit

Hello All,

I'm running my ASA with version 8.2.(2)12.

I need to put more classes in Service Policy Rules.

Well, I understant that my limit is full.... 63.

I need to know if new version of firmware, like 8.4(4)1 there is most classes than 63???

[OK] access-list global_mpc_65 line 1 extended permit tcp any host 172.19.4.109 eq 8530
[OK] class-map global-class-wsus
      class-map global-class-wsus
[OK] match access-list global_mpc_65
[OK] policy-map global-policy
      policy-map global-policy
[OK] description wsus
[ERROR] class global-class-wsus
  Max limit of 63 classes in a policy reached

      policy-map global-policy
        class global-class-wsus
[ERROR] inspect icmp

inspect icmp
  ^
% Invalid input detected at '^' marker.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions

doubt with max classes limit

Hello Diego,

Sorry to inform that the answer is now.

Output taken from the configuration guide 8.4.8.6

Policy Map Guidelines

See the following guidelines for using policy maps:

You can only assign one policy map per interface. (However you can create up to 64 policy maps in the configuration.)

You can apply the same policy map to multiple interfaces.

You can identify up to 63 Layer 3/4 class maps in a Layer 3/4 policy map.

For each class map, you can assign multiple actions from one or more feature types, if supported. See the "Incompatibility of Certain Feature Actions" section.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
3 REPLIES

doubt with max classes limit

Hello Diego,

Sorry to inform that the answer is now.

Output taken from the configuration guide 8.4.8.6

Policy Map Guidelines

See the following guidelines for using policy maps:

You can only assign one policy map per interface. (However you can create up to 64 policy maps in the configuration.)

You can apply the same policy map to multiple interfaces.

You can identify up to 63 Layer 3/4 class maps in a Layer 3/4 policy map.

For each class map, you can assign multiple actions from one or more feature types, if supported. See the "Incompatibility of Certain Feature Actions" section.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Community Member

doubt with max classes limit

Hello Julio,

It wasn't the answer I expected

Do you know if there is a road map for it? Or, what ASA model is possible to put more than 63??

Thanks

Diego

doubt with max classes limit

Hello Diego,

It's not a model issue is just a OS behavior thing

I know, I know man, sorry to inform you that.. I mean the only way to use more policies will be to create one per interface then one global and redistribute on each on them 63 depending of the traffic requirements.

Hope this help,

Remember to rate all the helpful posts

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
294
Views
0
Helpful
3
Replies
CreatePlease to create content