10-21-2016 08:36 AM - edited 03-12-2019 01:26 AM
Hi All,
This is the default inspection template I use:
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 4096
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect sqlnet
inspect sunrpc
inspect tftp
inspect xdmcp
inspect pptp
inspect icmp error
inspect icmp
inspect ipsec-pass-thru
policy-map type inspect ftp FTP-strict
parameters
mask-banner
mask-syst-reply
!
service-policy global_policy global
Does this policy run on every interface on the ASA, or just the outside interface?
Solved! Go to Solution.
10-23-2016 07:13 AM
hi,
the global_policy is the default service policy (MPF) which is applied 'globally' on ALL ASA interfaces.
10-23-2016 07:13 AM
hi,
the global_policy is the default service policy (MPF) which is applied 'globally' on ALL ASA interfaces.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide