Good Morning.
I would like to thank everyone that has replied and forgive me maybe I am not explaining what I am seeing correctly or I do not understand what I think I understand :). Here is what is going on in a nutshell. I have a
ASA 5516
with no config. I create a config with no
policy-map
type. It does only included a
Policy-map
global policy with a few entries to inspect. I have created a config template, We have a script that sees that template and changes IP's then pushes out configs accordingly. The configs that are generated are good. However once loaded and the ASA reloads I then have entries that were not added in the config see below.
Policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
Policy-map type inspect dns migrated_dns_map_2
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
I also have extra entries within the
Policy-map
global policy that I have not added ( why and how did they get there)
for example the items that I did not add to the config that appear in the
policy-map global_policy
are below.
inspect dns migrated_dns_map_1
inspect ftp
inspect tftp
I guess what I do not understand is why they are automatically show up on my ASA config when they are not included on my config that I have built for these ASA's . One reason that I am not understanding what is going on , Is that the items that are appearing within my config after reload should not be there as they were not part of the config.
Thank you again for all help
