Default Class Maps (Traffic Classes) - Cisco ASA Series Configuration Manual
Firewall cli, asa services module, and the adaptive security virtual appliance
Hide thumbs
Also See for ASA Series:
- Cli configuration manual (2164 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Defaults for Service Policies
•
•
•
•
•
•
•
•
•
•
•
•
•
The default policy configuration includes the following commands:
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225 _default_h323_map
inspect h323 ras _default_h323_map
inspect ip-options _default_ip_options_map
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp _default_esmtp_map
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
See
Note
default-inspection-traffic command used in the default class map.
Default Class Maps (Traffic Classes)
The configuration includes a default Layer 3/4 class map (traffic class) that the ASA uses in the default
global policy called default-inspection-traffic; it matches the default inspection traffic. This class, which
is used in the default global policy, is a special shortcut to match the default ports for all inspections.
Cisco ASA Series Firewall CLI Configuration Guide
11-10
H323 (H225)
H323 (RAS)
RSH
RTSP
ESMTP
SQLnet
Skinny (SCCP)
SunRPC
XDMCP
SIP
NetBios
TFTP
IP Options
message-length maximum client auto
message-length maximum 512
dns-guard
protocol-enforcement
nat-rewrite
Incompatibility of Certain Feature Actions, page 11-6
Chapter 11
Service Policy Using the Modular Policy Framework
for more information about the special match
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
