Cisco ASA 5506-X Configuration Manual page 238
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
DCERPC Inspection
DCERPC inspection maps inspect for native TCP communication between the EPM and client on well
known TCP port 135. Map and lookup operations of the EPM are supported for clients. Client and server
can be located in any security zone. The embedded server IP address and Port number are received from
the applicable EPM response messages. Since a client may attempt multiple connections to the server
port returned by EPM, multiple use of pinholes are allowed, which have configurable timeouts.
DCERPC inspection only supports communication between the EPM and clients to open pinholes
Note
through the ASA. Clients using RPC communication that does not use the EPM is not supported with
DCERPC inspection.
Configure DCERPC Inspection
DCERPC inspection is not enabled by default. You must configure it if you want DCERPC inspection.
Procedure
Configure a DCERPC Inspection Policy Map, page
Step 1
Step 2
Configure the DCERPC Inspection Service Policy, page
Configure a DCERPC Inspection Policy Map
To specify additional DCERPC inspection parameters, create a DCERPC inspection policy map. You can
then apply the inspection policy map when you enable DCERPC inspection.
Before You Begin
Some traffic matching options use regular expressions for matching purposes. If you intend to use one
of those techniques, first create the regular expression or regular expression class map.
Procedure
Create a DCERPC inspection policy map, enter the following command:
Step 1
hostname(config)# policy-map type inspect dcerpc policy_map_name
hostname(config-pmap)#
Where the policy_map_name is the name of the policy map. The CLI enters policy-map configuration
mode.
(Optional) To add a description to the policy map, enter the following command:
Step 2
hostname(config-pmap)# description string
To configure parameters that affect the inspection engine, perform the following steps:
Step 3
a.
Cisco ASA Series Firewall CLI Configuration Guide
10-2
To enter parameters configuration mode, enter the following command:
hostname(config-pmap)# parameters
hostname(config-pmap-p)#
Chapter 10
Inspection for Management Application Protocols
10-2.
10-3.
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
