02-01-2020 02:57 PM
do we inspect Routing protocols or routing protocols packets through asa.
By default ASA allows Routing protocol packets but i we want to inspect routing protocols.
Solved! Go to Solution.
02-01-2020 03:24 PM
hi,
What you want to achieve with inspection for a Routing Protocol? ASA on a high level do inspection for two reasons, to check the application whether it uses non-standard ports which will also allow to take some actions with protocol inspected and to monitor the state of the session
02-01-2020 05:17 PM
No.
Here are the protocols eligible for inspection natively on an ASA:
ccielab-asa(config-pmap-c)# inspect ? mpf-policy-map-class mode commands/options: ctiqbe dcerpc diameter dns esmtp ftp gtp h323 http icmp ils im ip-options ipsec-pass-thru ipv6 lisp m3ua mgcp mmp netbios pptp rsh rtsp scansafe sctp sip skinny snmp sqlnet stun sunrpc tftp vxlan waas xdmcp ccielab-asa(config-pmap-c)#
02-01-2020 03:24 PM
hi,
What you want to achieve with inspection for a Routing Protocol? ASA on a high level do inspection for two reasons, to check the application whether it uses non-standard ports which will also allow to take some actions with protocol inspected and to monitor the state of the session
02-01-2020 05:17 PM
No.
Here are the protocols eligible for inspection natively on an ASA:
ccielab-asa(config-pmap-c)# inspect ? mpf-policy-map-class mode commands/options: ctiqbe dcerpc diameter dns esmtp ftp gtp h323 http icmp ils im ip-options ipsec-pass-thru ipv6 lisp m3ua mgcp mmp netbios pptp rsh rtsp scansafe sctp sip skinny snmp sqlnet stun sunrpc tftp vxlan waas xdmcp ccielab-asa(config-pmap-c)#
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: