Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1591
Views
0
Helpful
4
Replies

CSM Service Policy

nbean
Level 1
Level 1

‎10-22-2012 10:46 AM - edited ‎02-21-2020 04:46 AM

I am and novice with CSM and have been trying to figure this out for a week now and can't seem to do it with the documentation.  I am working with CSM 3.2 and am trying to configure a new policy map for an ASA and then apply that policy map to a new service policy.  I have been able to put my class maps under the global policy, but cannot see a way to create a new map.  I am trying to disable inspects for SIP and H.323 for a particular device based on an access list and this is what I have:

class-map CSM_CLASS_MAP_no_sip_1

match access-list CSM_CMAP_ACL_2

class-map CSM_CLASS_MAP_no_h323_ras_1

match access-list CSM_CMAP_ACL_2

class-map CSM_CLASS_MAP_no_h323_h225_1

match access-list CSM_CMAP_ACL_2

policy-map global_policy

class CSM_CLASS_MAP_no_h323_h225_1

inspect h323 h225

class CSM_CLASS_MAP_no_h323_ras_1

inspect h323 ras

class CSM_CLASS_MAP_no_sip_1

inspect sip

This is what I need:

class-map no_h323_h225

match access-list no_inspect

class-map no_sip

match access-list no_inspect

class-map no_h323_ras

match access-list no_inspect

policy-map no_inspect

class no_h323_h225

inspect h323 h225

class no_sip

inspect sip

class no_h323_ras

inspect h323 ras

service-policy no_inspect interface inside

Can anyone provide me with instructions on how to finish this? 

0 Helpful
4 Replies 4

nbean
Level 1
Level 1

‎10-29-2012 03:37 PM

Can no one help me figure this out?

0 Helpful

Alfred Berberich
Level 1
Level 1
In response to nbean

‎06-13-2013 11:14 PM

Hi

Creating a class-map via csm 4.3 is not possible I think.

I have the same problem also and opened a TAC case .

I will inform you

sincerely

0 Helpful

Michel Pedersen
Level 1
Level 1

‎06-17-2013 01:24 AM

I haven't tested it myself but it looks like you should be able to do this with CSM 4.4sp1 under the Firewall -> Inspection Rules

regards

Michel

0 Helpful

Alfred Berberich
Level 1
Level 1
In response to Michel Pedersen

‎06-17-2013 03:38 AM

Hi Michel

I installed 4.4 sp1 but I did not find any way to create a new map .

this commands worked  at command line:

class-map dynamic-filter_snoop_class or match port udp eq domain.

I thought creating a new map works at this point of CSM , but it didn´t  work

Policy Object Manager --> Maps --> Calls Maps  ( I excepted such a buttom : create new map )

regards Alfred

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card