Sql*Net Inspection; Sun Rpc Inspection - Cisco 7604 Configuration Manual
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Chapter 22
Applying Application Layer Protocol Inspection
where class_map_name is the name of the class map you created in
map class configuration mode and the prompt changes accordingly.
Step 8
Enable SNMP application inspection. To do so, use the inspect snmp command, as follows:
hostname(config-pmap-c)# inspect snmp snmp_map_name
hostname(config-pmap-c)#
where snmp_map_name is the SNMP map that you created in
Use the service-policy command to apply the policy map globally or to a specific interface, as follows:
Step 9
hostname(config-pmap-c)# service-policy policy_map_name [global | interface interface_ID]
hostname(config)#
where policy_map_name is the policy map you configured in
to traffic on all the interfaces, use the global option. If you want to apply the policy map to traffic on a
specific interface, use the interface interface_ID option, where interface_ID is the name assigned to the
interface with the nameif command.
The FWSM begins inspecting SNMP traffic, as specified.
Example 22-14
outside interface:
Example 22-14 Configuring SNMP Application Inspection
hostname(config)# class-map snmp_port
hostname(config-cmap)# match port tcp range 161 162
hostname(config-cmap)# snmp-map sample_map
hostname(config-snmp-map)# deny version 1
hostname(config-snmp-map)# deny version 2
hostname(config-snmp-map)# policy-map sample_policy
hostname(config-pmap)# class snmp_port
hostname(config-pmap-c)# inspect snmp sample_map
hostname(config-pmap-c)# service-policy sample_policy interface outside
hostname(config)#
SQL*Net Inspection
SQL*Net inspection is enabled by default.
For information about SQL*Net inspection, see the inspect sqlnet command page in the Catalyst 6500
Series Switch and Cisco 7600 Series Router Firewall Services Module Command Reference.
Sun RPC Inspection
This section describes how to enable Sun RPC application inspection, change the default port
configuration, and manage the Sun RPC service table. This section includes the following topics:
•
•
•
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
enables SNMP application inspection on traffic sent to TCP ports 161 and 162 from the
Sun RPC Inspection Overview, page 22-100
Enabling and Configuring Sun RPC Inspection, page 22-100
Managing Sun RPC Services, page 22-102
SQL*Net Inspection
Step
2. The CLI enters the policy
Step
4.
Step
6. If you want to apply the policy map
22-99
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
