All,

I am trying the following.. could you guys tell me where my mistake is..  first 
time I did this lab (Yusuf1) it was ok.. but now I don't understand why it's 
not 
working.. 


parameter-map type regex ABCD
 pattern [email protected]
!
access-list 111 permit ip any any
!
class-map type inspect match-all CM_CENTRAL_REMOTE
 match access-group 111
!
policy-map type inspect central_remote
 class type inspect CM_CENTRAL_REMOTE
  inspect
 class class-default
!
(...)
!
class-map type inspect match-any HTTP
 match protocol http
!
class-map type inspect match-any OTHER
 match protocol telnet
 match protocol ssh
!
class-map type inspect match-all CM_ICMP
 match protocol icmp
!
class-map type inspect match-all CM_SMTP
 match protocol smtp
!
!
class-map type inspect http match-any L7CM_HTTP
 match  request port-misuse tunneling
!
policy-map type inspect http L7PM_HTTP
 class type inspect http L7CM_HTTP
  reset
!
! 
!
class-map type inspect smtp ?
  WORD       class-map name
  match-any  Logical-OR all matching statements under this classmap
!
!

****** at this point I don't have "MATCH-ALL" keyword available. I just wanted 
to add another match sentence inside this class-map (match sender address regex 
ABCD). *******


policy-map type inspect remote_central
 class type inspect CM_ICMP
  inspect
  police rate 20000 burst 2000
 class type inspect OTHER
  inspect
 class type inspect CM_SMTP
  inspect
 class type inspect HTTP
  inspect
  service-policy http L7PM_HTTP
!
!
!


****** configuring this class-map with match-any I can't use a second match as 
expected ******

R5(config-cmap)#class-map type inspect smtp match-any L7CM_SMTP
R5(config-cmap)#match ?
  data-length  Specify data transfer length per session

****** data-length appears as the only one option *******


Thanks a lot;
Carlos



      
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Reply via email to