Is it matching the first class map? We know for sure that should work. If that is not working, possibly FPM is not working on the platform.
I am guessing your string will be *FFFF* as the size is 1500 and FFFF is not 1500 bytes.

Regards,

Tyson Scott - CCIE #13513 R&S, Security, and SP
Technical Instructor - IPexpert, Inc.

From: [email protected] [mailto:[email protected]] On Behalf Of Kingsley Charles
Sent: Friday, February 05, 2010 10:10 AM
To: [email protected]
Subject: [OSL | CCIE_Security] FPM with ICMP

Hi all

I am trying to block "ping 10.20.30.40 data FFFF" from a router.

class-map type access-control match-any ac
 match start ICMP payload-start offset 0 size 1500 string "FFFF"
class-map type stack match-all sc
 match field IP protocol eq 1 next ICMP
policy-map type access-control ac
 class ac
  drop
policy-map type access-control st
 class sc
  service-policy ac

It's simple but I am missing something. I am still able to ping.

With regards
Kings
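When debugging a payload match like the one in this thread, it helps to see which bytes the ping actually carries. The following is an added example, not code from either poster: it assumes the IOS `data FFFF` argument is a 16-bit hex fill pattern, models the FPM match as a plain byte search inside the offset/size window (an assumption about FPM, not taken from the thread), and uses a constructed 72-byte payload; all function names are hypothetical.

```python
import struct

def icmp_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def echo_request(pattern: int, payload_len: int, ident: int = 1, seq: int = 1) -> bytes:
    """Constructed ICMP echo request whose data is a repeated 16-bit pattern."""
    payload = (struct.pack("!H", pattern) * ((payload_len + 1) // 2))[:payload_len]
    header = struct.pack("!BBHHH", 8, 0, 0, ident, seq)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", 8, 0, csum, ident, seq) + payload

def window_match(icmp: bytes, offset: int, size: int, needle: bytes) -> bool:
    """Assumed model of 'payload-start offset N size M': search for needle
    in payload[offset:offset+size]; slicing clamps to the bytes present."""
    payload = icmp[8:]  # skip the 8-byte ICMP echo header
    return needle in payload[offset:offset + size]

def report(pattern: int = 0xFFFF, payload_len: int = 72) -> dict:
    """Compare candidate match patterns against one constructed packet."""
    pkt = echo_request(pattern, payload_len)
    return {
        # ASCII characters 'F','F','F','F' = 0x46 0x46 0x46 0x46
        "ascii_FFFF": window_match(pkt, 0, 1500, b"FFFF"),
        # raw fill bytes produced by a 0xFFFF pattern
        "raw_ff_ff": window_match(pkt, 0, 1500, b"\xff\xff"),
        # the configured 1500-byte window is larger than the payload
        "window_exceeds_payload": 1500 > len(pkt) - 8,
    }

if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name}: {value}")
```

A packet capture of the real ping on the ingress interface is the authoritative check of what the class map has to match.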
