11-26-2010 07:14 AM - edited 03-11-2019 12:15 PM
We see sunrpc & imap being present under the inspect policy-map in a Cisco zone-based firewall.
Attempts to remove both of these from the policy don't succeed. I have used the following methods for removal -
RtrBr(config-pmap)#class type inspect Lan-to-internet
no service-policy sunrpc
no service-policy imap
After this, when the output of policy-map type inspect for this policy is viewed, both of these protocols, among others, are still seen under the inspection list.
Why does this not get removed completely by the above steps? Any other recommendations to achieve it?
Also, if it still remains in place, how can we view whether it is indeed doing the inspection, any dropped packets or so?
TIA
11-26-2010 11:52 AM
Could you please copy and paste the output of
sh run | s zone
sh run policy-map
sh run class-map
To remove the inspections you should go under the policy and then under the class and issue "no inspect sunrpc" and "no inspect imap".
Thanks,
KS
11-26-2010 02:01 PM
Thanks. I see that the no inspect has to be used under the policy for removal. I will have it used this way.
Unfortunately I don't have visibility on this device, and part of this config was given by another business subsidiary.
Is there any command to verify that protocol inspection for the rest of the remaining protocols is still happening?
I recall having seen some {process switch: fast switch} packets beside each protocol, using show policy-map type inspect.
What do those stand for?
11-28-2010 04:12 PM
I believe the command is
sh policy-map type inspect zone-pair sessions
or
sh policy-map type inspect zone-pair
I am just typing it; you may want to question mark it and complete the command.
-KS