Chapter 3
Configuring Application Protocol Inspection
Associating the Layer 7 SIP Inspection Class Map with the Policy Map
OL-16202-01
match name im-subscriber expression
match name message-path expression
match name request-method method_name
match name third-party-registration expression
match name uri {sip | tel} length gt value
See the
"Configuring a Layer 7 SIP Inspection Class Map"
about the inline match commands.
For example, to add an inline match command to a Layer 7 SIP inspection policy
map, enter:
host/Admin(config-pmap-ins-sip)# match sip_match called-party abc123.*
host/Admin(config-pmap-ins-sip-m)#
To remove the inline match command from the policy map, enter:
host/Admin(config-pmap-ins-sip)# no match sip_match called-party
abc123.*
You can associate the Layer 7 SIP inspection class map with the Layer 7 SIP
inspection policy map by using the class command in policy map inspection SIP
configuration mode.
The syntax of this command is as follows:
class map_name
The map_name argument is the identifier of an existing Layer 7 SIP inspection
class map. Enter the name as an unquoted text string with no spaces and a
maximum of 64 alphanumeric characters.
For example, to associate a Layer 7 SIP inspection class map with a Layer 7 SIP
inspection policy map, enter:
host/Admin(config-pmap-ins-sip)# class SIP_INSPECT_L7CLASS
host/Admin(config-pmap-ins-sip-c)#
To dissociate the class map from the policy map, enter:
host/Admin(config-pmap-ins-sip)# no class SIP_INSPECT_L7CLASS
Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
Configuring a Layer 7 SIP Inspection Policy
section for details
3-89