Applying Inspection To Http Traffic Globally - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 21
Using Modular Policy Framework
Modular Policy Framework Examples
Applying Inspection to HTTP Traffic Globally
In this example (see
Figure
21-2), any HTTP connection (TCP traffic on port 80) that enters the security
appliance through any interface is classified for HTTP inspection. Because the policy is a global policy,
inspection occurs only as the traffic enters each interface.
Figure 21-2
Global HTTP Inspection
Security
appliance
port 80
insp.
A
port 80 insp.
inside
outside
Host B
Host A
See the following commands for this example:
hostname(config)# class-map http_traffic
hostname(config-cmap)# match port tcp eq 80
hostname(config)# policy-map http_traffic_policy
hostname(config-pmap)# class http_traffic
hostname(config-pmap-c)# inspect http
hostname(config)# service-policy http_traffic_policy global
Cisco Security Appliance Command Line Configuration Guide
21-20
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
