Cisco ASA 5505 Configuration Manual page 784

Configuring Application Layer Protocol Inspection
If you want to match non-standard ports, then create a new rule for the non-standard ports. See the
"Default Settings" section on page 36-3
combine multiple rules in the same service policy if desired, so you can create one rule to match certain
traffic, and another to match different traffic. However, if traffic matches a rule that contains an
inspection action, and then matches another rule that also has an inspection action, only the first
matching rule is used.
In the Edit Service Policy Rule > Rule Actions dialog box, click the Protocol Inspection tab.
Step 3
For a new rule, the dialog box is called Add Service Policy Rule Wizard - Rule Actions.
Select each inspection type that you want to apply.
Step 4
(Optional) Some inspection engines let you control additional parameters when you apply the inspection
Step 5
to the traffic. Click Configure for each inspection type to configure an inspect map.
You can either choose an existing map, or create a new one. You can predefine inspect maps in the
Configuration > Firewall > Objects > Inspect Maps pane.
You can configure other features for this rule if desired using the other Rule Actions tabs.
Step 6
Click OK (or Finish from the wizard).
Step 7
Cisco ASA 5500 Series Configuration Guide using ASDM
36-6
Chapter 36 Getting Started With Application Layer Protocol Inspection
for the standard ports for each inspection engine. You can
OL-20339-01