Cisco ASA 5506-X Configuration Manual page 16
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Defaults for Service Policies
Default Service Policy Configuration
By default, the configuration includes a policy that matches all default application inspection traffic and
applies certain inspections to the traffic on all interfaces (a global policy). Not all inspections are enabled
by default. You can only apply one global policy, so if you want to alter the global policy, you need to
either edit the default policy or disable it and apply a new one. (An interface policy overrides the global
policy for a particular feature.)
The default policy includes the following application inspections:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
The default policy configuration includes the following commands:
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225 _default_h323_map
inspect h323 ras _default_h323_map
inspect ip-options _default_ip_options_map
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp _default_esmtp_map
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
Cisco ASA Series Firewall CLI Configuration Guide
1-10
DNS
FTP
H323 (H225)
H323 (RAS)
RSH
RTSP
ESMTP
SQLnet
Skinny (SCCP)
SunRPC
XDMCP
SIP
NetBios
TFTP
IP Options
message-length maximum client auto
message-length maximum 512
dns-guard
protocol-enforcement
nat-rewrite
Chapter 1
Service Policy Using the Modular Policy Framework
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
