Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
419
Views
0
Helpful
3
Replies

IOS zone based firewall

Go to solution
sarahr202
Level 5
Level 5

‎06-12-2013 06:12 PM - edited ‎03-11-2019 06:57 PM

HI everybody.

I have few questions.

policy-map type inspect PING

class type inspect PING

  inspect

class class-default

  pass

1)What is the order of operation?  The" inspect"  action will apply only to class " PING" . The action " pass" will be applied to class" default"   Am i correct?

-----------------------------------------------------

policy-map type inspect PING

class type inspect PING

  inspect

class class-default

2) What would be the action for class " default" when none is specified  as shown above ?

3)

class-map type inspect LEE

Above if we don't mention " match-all or match any"  , what is the default?

thanks and have a great day.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎06-12-2013 06:17 PM

Hello Sarah,

1)What is the order of operation?  The" inspect"  action will apply only to class " PING" . The action " pass" will be applied to class" default"   Am i correct?

You got it, from top to bottom we will check the policy-maps.

2) What would be the action for class " default" when none is specified  as shown above ?

Drop by default

3)class-map type inspect LEE

Above if we don't mention " match-all or match any"  , what is the default?

I think it's a match all by default

Do a quick show run | sec class-map to figure it out

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎06-12-2013 06:17 PM

Hello Sarah,

1)What is the order of operation?  The" inspect"  action will apply only to class " PING" . The action " pass" will be applied to class" default"   Am i correct?

You got it, from top to bottom we will check the policy-maps.

2) What would be the action for class " default" when none is specified  as shown above ?

Drop by default

3)class-map type inspect LEE

Above if we don't mention " match-all or match any"  , what is the default?

I think it's a match all by default

Do a quick show run | sec class-map to figure it out

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
sarahr202
Level 5
Level 5
In response to Julio Carvajal

‎06-12-2013 06:49 PM

Thanks Jcarvaja

0 Helpful

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to sarahr202

‎06-12-2013 07:48 PM

Hey Sarah,

My pleasure,

Have a good one

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card