Hello,You don't need an ACL list with class map for inspection. Document includes some example where user wants to allow/deny traffic from specific host, which is possible only with an ACL.Technically Below configuraiton should Let you inspect TCP,UD...
class-maps are used to define traffic which firewall used for policy inspection, There are two types of class-maps layer 4 and layer 7.In layer 4 class-map has following criteria to match,1) Access-Group -- Access-list can filter traffic based on sou...
Hi Henrik,Good question!!Currently, In zone-based firewall there is no way to defined a VPN encrypted traffic in a policy-map. This means after decrypting an ESP packet router will treat it as a normal packet and it will enforce all rules applied for...
I am glad to know that the issue is resolved.please rate all usefull replies given by me and mark this thread as answered if everything is working fine.RegardsAshish.