Hi Rene and staff,
may i come back to this previous post ?
ERROR: % class map inspection_default not configured
First you should know i am clear with the 3 concepts class-map, policy-map, service-policy
I would recommand this video
from Tony BOURKE, which in my opinion, is the best to be clear with these concepts
So what is my problem ?
I lab with ASA 8.4 and there was no class inspection_default predefined
So create it in general config !
class-map inspection_default
match default-inspection-traffic
What does do this command ?
I though it add the listed protocols above to the inspection engine: so, from there, ftp is inspected, tftp is inspected, etc…
Then i have to add class inspection_default to policy-map global_policy
policy-map global_policy
class inspection_default
and then to set service-policy: service-policy global_policy global
But when i edit show run policy-map
none of the protocols listed in default-inspection-traffic are inspected !!
To work, I had to set them again under policy-map: inspect ftp, inspect tftp, etc…
So, I dont understand how it works
Could you clarify ?
Regards