Cisco ASA 5506-X Configuration Manual page 25
Cli
Hide thumbs
Also See for ASA 5506-X:
- Installation manual (46 pages) ,
- Hardware installation manual (26 pages) ,
- Quick start manual (14 pages)
Advertisement
Chapter 1
Service Policy Using the Modular Policy Framework
Monitoring Service Policies
To monitor service policies, enter the following command:
•
Examples for Service Policies (Modular Policy Framework)
This section includes several Modular Policy Framework examples.
•
•
•
•
Applying Inspection and QoS Policing to HTTP Traffic
In this example, any HTTP connection (TCP traffic on port 80) that enters or exits the ASA through the
outside interface is classified for HTTP inspection. Any HTTP traffic that exits the outside interface is
classified for policing.
Figure 1-1
A
Host A
See the following commands for this example:
hostname(config)# class-map http_traffic
hostname(config-cmap)# match port tcp eq 80
hostname(config)# policy-map http_traffic_policy
hostname(config-pmap)# class http_traffic
hostname(config-pmap-c)# inspect http
hostname(config-pmap-c)# police output 250000
hostname(config)# service-policy http_traffic_policy interface outside
show service-policy
Displays the service policy statistics.
Applying Inspection and QoS Policing to HTTP Traffic, page 1-19
Applying Inspection to HTTP Traffic Globally, page 1-20
Applying Inspection and Connection Limits to HTTP Traffic to Specific Servers, page 1-20
Applying Inspection to HTTP Traffic with NAT, page 1-21
HTTP Inspection and QoS Policing
appliance
inside
Security
insp.
port 80
police
port 80
insp.
outside
Cisco ASA Series Firewall CLI Configuration Guide
Monitoring Service Policies
Host B
1-19
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
