cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
498
Views
0
Helpful
9
Replies

Layer 7 HTTP Policy Map

mahesh18
Level 6
Level 6

Hi Everyone,

I have this Layer 7 Policy Map which i config using ASDM  under inspects

policy-map type inspect http test4

        parameters

          protocol-violation action drop-connection log

        class _default_GoToMyPC-tunnel

          drop-connection log

class maps identify the traffic and policy maps tell us what action to take.

Need to know on above config class map which matches the trafic is

class _default_GoToMyPC-tunnel

Regards

Mahesh

Message was edited by: mahesh parmar

1 Accepted Solution

Accepted Solutions

Hello Mahesh,

It's basically null,

You are not maching anything. so nothing will get dropped

Check my blog at http:laguiadelnetworking.com for further information.

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

9 Replies 9

Julio Carvajal
VIP Alumni
VIP Alumni

Hello,

Not sure what you ask..

Do u want to know what the class-map matches or includes?

Do show run class-map _default_GoToMyPC-tunnel

For Networking Posts check my blog at http://www.laguiadelnetworking.com/category/english/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi Julio,

Here i need to confirm  what class map matches?

Regards

MAhesh

Hi Julio,

When i do 

ASA1# sh run class-map _default_GoToMyPC-tunnel

!

!

ASA1#

Can you tell why the class-map output is empty?

Thanks

Mahesh

Hello,

Well it does not look like you add it a match  statement,

Did you?

Can you share show run class-map type inspect _default_GoToMyPC-tunnel

For Networking Posts check my blog at http://www.laguiadelnetworking.com/category/english/

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi julio,

I tried below commands but seems it does not work

ASA1# show run class-map type inspect _default_GoToMyPC-tunnel

                                      ^

ERROR: % Invalid input detected at '^' marker.

ASA1# show run class-map type inspect ?

  dns       Configure a class-map of type DNS

  ftp       Configure a class-map of type FTP

  h323      Configure a class-map of type H323

  http      Configure a class-map of type HTTP

  im        Configure a class-map of type IM

  rtsp      Configure a class-map of type RTSP

  scansafe  Configure a class-map of type SCANSAFE

  sip       Configure a class-map of type SIP

ASA1# show run class-map type inspect  default_GoToMyPC-tunnel

                                        ^

ERROR: % Invalid input detected at '^' marker.

ASA1# show run class-map type inspect_default_GoToMyPC-tunnel

                                     ^

ERROR: % Invalid input detected at '^' marker.

ASA1#

Thanks

Mahesh

Hello,

I missed the HTTP

show run class-map type inspect http  _default_GoToMyPC-tunnel

Check my blog at http:laguiadelnetworking.com for further information.

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi Julio,

Its here

ASA1#  show run class-map type inspect http  _default_GoToMyPC-tunnel

!

!

ASA1#

Hello Mahesh,

It's basically null,

You are not maching anything. so nothing will get dropped

Check my blog at http:laguiadelnetworking.com for further information.

Cheers,

Julio Carvajal Segura

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Thanks Julio,

Regards

Mahesh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: