Cisco ASA 5505 Configuration Manual page 831

Chapter 37 Configuring Inspection of Basic Internet Protocols
•
Mode
The following table shows the modes in which this feature is available:
Firewall Mode
Routed
•
Add/Edit IPSec Pass Thru Policy Map (Details)
The Add/Edit IPSec Pass Thru Policy Map (Details) dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps >IPSec Pass Through >
IPSec Pass Through Inspect Map > Advanced View
The Add/Edit IPSec Pass Thru Policy Map pane lets you configure the security level and additional
settings for IPSec Pass Thru application inspection maps.
Fields
•
•
•
•
OL-20339-01
Low—Default.
–
Maximum ESP flows per client: Unlimited.
ESP idle timeout: 00:10:00.
Maximum AH flows per client: Unlimited.
AH idle timeout: 00:10:00.
High
–
Maximum ESP flows per client:10.
ESP idle timeout: 00:00:30.
Maximum AH flows per client: 10.
AH idle timeout: 00:00:30.
Default Level—Sets the security level back to the default level of Low.
–
Details—Shows additional parameter settings to configure.
Security Context
Transparent Single
• •
Name—When adding an IPSec Pass Thru map, enter the name of the IPSec Pass Thru map. When
editing an IPSec Pass Thru map, the name of the previously configured IPSec Pass Thru map is
shown.
Description—Enter the description of the IPSec Pass Through map, up to 200 characters in length.
Security Level—Shows the security level settings to configure.
Parameters—Configures ESP and AH parameter settings.
– Limit ESP flows per client—Limits ESP flows per client.
Maximum—Specify maximum limit.
– Apply ESP idle timeout—Applies ESP idle timeout.
Timeout—Specify timeout.
Multiple
Context System
• —
Cisco ASA 5500 Series Configuration Guide using ASDM
IPSec Pass Through Inspection
37-47