have you tried typing it. Try just hitting enter.
class-map type inspect smtp match-all TEST Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Carlos Jardim Sent: Tuesday, October 12, 2010 11:46 PM To: CCIE Security Maillist Subject: [OSL | CCIE_Security] MATCH-ALL keyword All, I am trying the following.. could you guys tell me where my mistake is.. first time I did this lab (Yusuf1) it was ok.. but now I don't understand why it's not working.. parameter-map type regex ABCD pattern [email protected] ! access-list 111 permit ip any any ! class-map type inspect match-all CM_CENTRAL_REMOTE match access-group 111 ! policy-map type inspect central_remote class type inspect CM_CENTRAL_REMOTE inspect class class-default ! (...) ! class-map type inspect match-any HTTP match protocol http ! class-map type inspect match-any OTHER match protocol telnet match protocol ssh ! class-map type inspect match-all CM_ICMP match protocol icmp ! class-map type inspect match-all CM_SMTP match protocol smtp ! ! class-map type inspect http match-any L7CM_HTTP match request port-misuse tunneling ! policy-map type inspect http L7PM_HTTP class type inspect http L7CM_HTTP reset ! ! ! class-map type inspect smtp ? WORD class-map name match-any Logical-OR all matching statements under this classmap ! ! ****** at this point I don't have "MATCH-ALL" keyword available. I just wanted to add another match sentence inside this class-map (match sender address regex ABCD). ******* policy-map type inspect remote_central class type inspect CM_ICMP inspect police rate 20000 burst 2000 class type inspect OTHER inspect class type inspect CM_SMTP inspect class type inspect HTTP inspect service-policy http L7PM_HTTP ! ! ! ****** configuring this class-map with match-any I can't use a second match as expected ****** R5(config-cmap)#class-map type inspect smtp match-any L7CM_SMTP R5(config-cmap)#match ? data-length Specify data transfer length per session ****** data-length appears as the only one option ******* Thanks a lot; Carlos
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
