I highly recommend reading the following document: http://www.cisco.com/en/US/docs/ios/sec_data_plane/configuration/guide/sec_zone_polcy_firew_ps6441_TSD_Products_Configuration_Guide_Chapter.html
It should clear up some of your questions and further enhance your knowledge of the features. Regards, Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com On Mar 26, 2010, at 11:22 PM, Kamran Shakil wrote: > Dears, > > > Well, I have been successfully blocking the P2P traffic and tested it with my > softwares in my own lab setup with available internet connection to me using > class-maps. > > Recently , I saw some config in a workbook saying class-map type inspect xyz > and then blocking it , well as I said above, I just made a class-map and I > didn’t use inspect keyword … > > In which situation would I use L7 class-map inspect , although the block of > p2p works smoothly with normal L3/L4 Class maps … please anyone ? explain > ..thanks… > > > > > truly, > Kamran Shakil > BS(CS) MCP MCSE CCNA CCDA CCNP CCDP CQS-WLANSE > CQS-FOUNDSE CQS-IPCX CQS-UCCX > CCIE*(Sec,inprogress) > > <image001.jpg> > > " MDS Cisco team accepts no liability for the content of this email, or for > the consequences of any actions taken on the basis of the information > provided, unless that information is subsequently confirmed in writing. Any > views or opinions presented in this email are solely those of the author and > do not necessarily represent those of the organization.WARNING: Computer > viruses can be transmitted via email. The recipient should check this email > and any attachments for the presence of viruses. The organization accepts no > liability for any damage caused by any virus transmitted by this email. " > > > > <Kamran Shakil.vcf>_______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
