Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Inspect not working in cisco ASA

Hi

I have a cisco ASA5520 box running with IOS version8.2(5)13 where default policy map is applied globally. But I have not seen any traffic being inspected through included protocol defined under policy map.Any idea what may be the issue.All configuration seems to be ok for me.

service-policy global_policy global

Global policy:

  Service-policy: global_policy

    Class-map: inspection_default

      Inspect: ftp, packet 0, drop 0, reset-drop 0

      Inspect: rsh, packet 0, drop 0, reset-drop 0

      Inspect: rtsp, packet 0, drop 0, reset-drop 0

               tcp-proxy: bytes in buffer 0, bytes dropped 0

      Inspect: skinny , packet 0, drop 0, reset-drop 0

               tcp-proxy: bytes in buffer 0, bytes dropped 0

      Inspect: sunrpc, packet 0, drop 0, reset-drop 0

               tcp-proxy: bytes in buffer 0, bytes dropped 0

      Inspect: xdmcp, packet 0, drop 0, reset-drop 0

      Inspect: netbios, packet 0, drop 0, reset-drop 0

      Inspect: icmp error, packet 0, drop 0, reset-drop 0

      Inspect: tftp, packet 0, drop 0, reset-drop 0

      Inspect: icmp, packet 0, drop 0, reset-drop 0

      Inspect: h323 h225 _default_h323_map, packet 0, drop 0, reset-drop 0

               tcp-proxy: bytes in buffer 0, bytes dropped 0

      Inspect: dns preset_dns_map_1, packet 0, drop 0, reset-drop 0

1 REPLY

Inspect not working in cisco ASA

I'm assuming you've the service-policy global_policy global command in place, hence I can only assume that this is a bug with your present version. After all, version 8.2.5 has brought me more headaches than anything else.

Perhaps, you could try downgrading to version 8.2.4, for example. This version is alrite. You can't upgrade to version 8.3.X as this requires memory upgrade, which means money $$$

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
338
Views
0
Helpful
1
Replies
CreatePlease login to create content