Cisco FirePOWER ASA 5500 series Configuration Manual page 482
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
SIP Inspection
(Optional) To add a description to the class map, enter the following command:
b.
hostname(config-cmap)# description string
Where string is the description of the class map (up to 200 characters).
(Optional) To match a called party, as specified in the To header, enter the following command:
c.
hostname(config-cmap)# match [not] called-party regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a calling party, as specified in the From header, enter the following command:
d.
hostname(config-cmap)# match [not] calling-party regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a content length in the SIP header, enter the following command:
e.
hostname(config-cmap)# match [not] content length gt length
Where length is the number of bytes the content length is greater than. 0 to 65536.
(Optional) To match an SDP content type or regular expression, enter the following command:
f.
hostname(config-cmap)# match [not] content type {sdp | regex {class class_name |
regex_name}}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
g.
(Optional) To match a SIP IM subscriber, enter the following command:
hostname(config-cmap)# match [not] im-subscriber regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a SIP via header, enter the following command:
h.
hostname(config-cmap)# match [not] message-path regex {class class_name | regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match a SIP request method, enter the following command:
i.
hostname(config-cmap)# match [not] request-method method
Where method is the type of method to match (ack, bye, cancel, info, invite, message, notify,
options, prack, refer, register, subscribe, unknown, update).
(Optional) To match the requester of a third-party registration, enter the following command:
j.
hostname(config-cmap)# match [not] third-party-registration regex {class class_name |
regex_name}
Where the regex regex_name argument is the regular expression you created in
regex_class_name is the regular expression class map you created in
(Optional) To match an URI in the SIP headers, enter the following command:
k.
hostname(config-cmap)# match [not] uri {sip | tel} length gt length
Where length is the number of bytes the URI is greater than. 0 to 65536.
Cisco Security Appliance Command Line Configuration Guide
25-64
Chapter 25
Configuring Application Layer Protocol Inspection
Step
Step
Step
Step
Step
Step
Step
1. The class
2.
Step
1. The class
2.
Step
1. The class
2.
Step
1. The class
2.
Step
1. The class
2.
Step
1. The class
2.
OL-10088-01
Advertisement
Table of Contents
Troubleshooting
