Cisco PIX 500 Series Configuration Manual page 473

Security appliance command line

Hide thumbs Also See for PIX 500 Series:

Administration manual (653 pages)

Quick start manual (72 pages)

User manual (60 pages)

Table of Contents

Configuring Application Layer Protocol Inspection

radius-accounting [map_name]

rtsp [map_name]

sip [map_name]

skinny [map_name]

snmp [map_name]

To activate the policy map on one or more interfaces, enter the following command:

hostname(config)# service-policy policymap_name {global | interface interface_name }

Where global applies the policy map to all interfaces, and interface applies the policy to one interface.

By default, the default policy map, "global_policy," is applied globally. Only one global policy is

allowed. You can override the global policy on an interface by applying a service policy to that interface.

You can only apply one policy map to each interface.

Protocol Keywords

Cisco Security Appliance Command Line Configuration Guide

The radius-accounting keyword is only available for a

management class map. See the

Map for Management Traffic" section on page 21-5

information about creating a management class map.

If you added a RADIUS accounting inspection policy map

according to

"Configuring a RADIUS Inspection Policy

Map for Additional Inspection Control" section on

25-61, identify the map name in this command.

If you added a NetBIOS inspection policy map according to

"Configuring an RTSP Inspection Policy Map for Additional

Inspection Control" section on page

name in this command.

If you added a SIP inspection policy map according to

"Configuring a SIP Inspection Policy Map for Additional

Inspection Control" section on page

name in this command.

If you added a Skinny inspection policy map according to

"Configuring a Skinny (SCCP) Inspection Policy Map for

Additional Inspection Control" section on page

identify the map name in this command.

If you added an SNMP inspection policy map according to

"SNMP Inspection" section on page

name in this command.

The default class map includes UDP port 111; if you want to

enable Sun RPC inspection for TCP port 111, you need to

create a new class map that matches TCP port 111, add the

class to the policy, and then apply the inspect sunrpc

command to that class.

Configuring Application Inspection

"Creating a Layer 3/4 Class

25-63, identify the map

25-67, identify the map

25-76, identify the map

Troubleshooting

Asa 5500 series

Cisco PIX 500 Series Configuration Manual page 473

Troubleshooting

Related Manuals for Cisco PIX 500 Series

Related Products for Cisco PIX 500 Series

This manual is also suitable for:

Table of Contents