Solved: Application Inspection of an ASA

Odys (CSC) · ‎09-20-2013

Does the default inspection policy (without edit) provide Application Inspection ? or Stateful Inspection only ?

I believe this is the default inspection policy (MPF) on an ASA 5505:

class-map inspection_default

 match default-inspection-traffic
policy-map type inspect dns preset_dns_map

 parameters

  message-length maximum 512
policy-map global_policy
 class inspection_default

  inspect dns preset_dns_map 
inspect ftp
  inspect h323 h225 

  inspect h323 ras 

  inspect rsh 

  inspect rtsp 

  inspect esmtp 

  inspect sqlnet 

  inspect skinny 

  inspect sunrpc 

  inspect xdmcp 

  inspect sip 

  inspect netbios 

  inspect tftp 
service-policy global_policy global

thx

Tariq Bader · ‎09-20-2013

This is a stateful inspection by default except for the dns
For application inspection policies (layer 7 inspection) you have to define seperate layer 7 policies for each protocol and define it in the stateful inspection policy map

Sent from Cisco Technical Support Android App

View solution in original post

Tariq Bader · ‎09-20-2013

This is a stateful inspection by default except for the dns
For application inspection policies (layer 7 inspection) you have to define seperate layer 7 policies for each protocol and define it in the stateful inspection policy map

Sent from Cisco Technical Support Android App

Tariq Bader · ‎09-20-2013

Check this out for more info
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/inspect.html

Sent from Cisco Technical Support Android App