12-19-2010 02:47 AM - edited 02-21-2020 04:11 AM
Hi,
i have a firewall module (FWSM) ,(version 4.0(6)) which is managed with CSM (3.3.0). There is a problem about regular expression configuration with CSM. HTTP Inspection with regular expression is configured with ASDM successfully but this configuration is not deployed with CSM on FWSM. It seems CSM does not support regular expression for FWSM. The following picture shows that CSM support HTTP advanced inspection configuration only for ASA7,2 and PIX7.2. i need to know does CSM 4.0 has this limitation or is there any solution for this CSM version?
Solved! Go to Solution.
12-20-2010 02:31 PM
You are right, please open a TAC case because we need to work with development to have this fixed in CSM.
Your alternative would be to use FlexConfig in CSM for the regex.
I hope it helps.
PK
01-03-2011 06:00 AM
Here is the guide for Flex configs http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.3/user/guide/tmplchap.html
There is no predefined flex config for the http inspection. But you can create a new Flex config that has the commands
regex
... class-map type inspect http
match header host regex
...
The Flex config in CSM will be deploying the commands as if you were doing it with CLI.
I hope it makes sense.
PK
12-20-2010 02:31 PM
You are right, please open a TAC case because we need to work with development to have this fixed in CSM.
Your alternative would be to use FlexConfig in CSM for the regex.
I hope it helps.
PK
12-25-2010 02:27 AM
thanks for your attention,
how can i configure regular expression inspection with Flexconfig? i couldn't find proper object.
01-03-2011 06:00 AM
Here is the guide for Flex configs http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.3/user/guide/tmplchap.html
There is no predefined flex config for the http inspection. But you can create a new Flex config that has the commands
regex
... class-map type inspect http
match header host regex
...
The Flex config in CSM will be deploying the commands as if you were doing it with CLI.
I hope it makes sense.
PK
01-04-2011 09:52 PM
thank you so much.
finally it worked successfully.
P.S:Merry Christmas!
01-05-2011 12:03 AM
I am glad you could make it work.
Please mark this as answered for the benefit of others that read this post later in the future.
Take care,
PK
01-05-2011 08:21 AM
how can i do tis?
01-05-2011 08:46 AM
You should have an option to rate every post and an option to mark a thread you started as answered.
PK
04-04-2012 08:18 AM
Hmmm... CSM 4.2 on the loose and still not fixed... Do CSM and FWSM developers talk to each other and synch their features?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide