Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure inspect policies for FTP ,TFTP, SIP, DNS etc. on the Adaptive Security Appliance (ASA)

Resolution

Use this configuration example in order to configure inspect policies:

hostname(config)#class-map inspection_default

hostname(config-cmap)#match default-inspection-traffic

hostname(config)#policy-map type inspect dns preset_dns_map

hostname(config-pmap)#parameters

hostname(config-pmap-p)#message-length maximum 512

hostname(config-pmap-p)#policy-map global_policy

hostname(config-pmap-p)#class inspection_default

hostname(config-pmap-c)#inspect dns preset_dns_map

hostname(config-pmap-c)#inspect ftp

hostname(config-pmap-c)#inspect h323 h225

hostname(config-pmap-c)#inspect h323 ras

hostname(config-pmap-c)#inspect netbios

hostname(config-pmap-c)#inspect rsh 

hostname(config-pmap-c)#inspect rtsp

hostname(config-pmap-c)#inspect skinny

hostname(config-pmap-c)#inspect sqlnet

hostname(config-pmap-c)#inspect sunrpc

hostname(config-pmap-c)#inspect tftp

hostname(config-pmap-c)#inspect sip

hostname(config-pmap-c)#inspect xdmcp

Refer to Cisco Security Appliance Command Reference, Version 7.2 for more information on these commands.

3125
Views
1
Helpful
0
Comments