
ASA - Check traffic with regex

Renzo_Orezzoli
Level 1

I want to check specific ports & protocol messages for their data and only allow that data between two interfaces when it matches any of the conditions.

 

I built a regular expression class and have it OR match between the different regular expressions (name - value).

 

I think this is done correctly. But I'm not sure how to apply it to the interface(s).

3 Replies

Hi

You need to add your class inside a policy and apply it like this:

service-policy inside-policy interface inside

Refer to this doc:

 

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100535-asa-8x-regex-config.html

 

-If I helped you somehow, please, rate it as useful.- 
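
The chain the reply describes, from regex class to interface, written out as an added example (not part of the original posts), following the HTTP case that the linked document covers. Every object name except inside-policy, the patterns and the access list are constructed for illustration; the inspection class uses `match not` so that only requests matching one of the patterns are allowed.

```cisco
! Constructed sample patterns; replace with your own.
regex allowed_uri1 "^/api/status"
regex allowed_uri2 "^/api/report"

! Regex class: match-any gives the OR between the patterns.
class-map type regex match-any AllowedUriList
 match regex allowed_uri1
 match regex allowed_uri2

! Inspection class: HTTP requests whose URI matches none of the patterns.
class-map type inspect http match-all NotAllowedUriClass
 match not request uri regex class AllowedUriList

! Inspection policy: reset and log the requests selected above.
policy-map type inspect http http_inspection_policy
 parameters
  protocol-violation action drop-connection
 class NotAllowedUriClass
  reset log

! Layer 3/4 class: which traffic is handed to the HTTP inspection.
access-list inside_mpc extended permit tcp any any eq www
class-map httptraffic
 match access-list inside_mpc

! Layer 3/4 policy, then the binding to the interface.
policy-map inside-policy
 class httptraffic
  inspect http http_inspection_policy
service-policy inside-policy interface inside
```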

I've tried to do that via that guide, but it specifies HTTP traffic. What I want to do is only allow certain data through the FW regardless of the port or protocol used. I want to scan the packet data itself for corruption.

I think I understand now that I need the submodule's help in doing what I want. I'm exploring Firepower now to do just that.
