have you tried typing it.  Try just hitting enter.

 

class-map type inspect smtp match-all TEST

 

 

 

Regards,

 

Tyson Scott - CCIE #13513 R&S, Security, and SP

Managing Partner / Sr. Instructor - IPexpert, Inc.

Mailto: [email protected]

Telephone: +1.810.326.1444, ext. 208

Live Assistance, Please visit: www.ipexpert.com/chat

eFax: +1.810.454.0130

 

IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio 
Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, 
Voice, Security & Service Provider) certification(s) with training locations 
throughout the United States, Europe, South Asia and Australia. Be sure to 
visit our online communities at www.ipexpert.com/communities and our public 
website at www.ipexpert.com <http://www.ipexpert.com/> 

 

From: [email protected] 
[mailto:[email protected]] On Behalf Of Carlos Jardim
Sent: Tuesday, October 12, 2010 11:46 PM
To: CCIE Security Maillist
Subject: [OSL | CCIE_Security] MATCH-ALL keyword

 

All,

 

I am trying the following.. could you guys tell me where my mistake is..  first 
time I did this lab (Yusuf1) it was ok.. but now I don't understand why it's 
not working.. 

 

 

parameter-map type regex ABCD

 pattern [email protected]

!

access-list 111 permit ip any any

!

class-map type inspect match-all CM_CENTRAL_REMOTE

 match access-group 111

!

policy-map type inspect central_remote

 class type inspect CM_CENTRAL_REMOTE

  inspect

 class class-default

!

(...)

!

class-map type inspect match-any HTTP

 match protocol http

!

class-map type inspect match-any OTHER

 match protocol telnet

 match protocol ssh

!

class-map type inspect match-all CM_ICMP

 match protocol icmp

!

class-map type inspect match-all CM_SMTP

 match protocol smtp

!

!

class-map type inspect http match-any L7CM_HTTP

 match  request port-misuse tunneling

!

policy-map type inspect http L7PM_HTTP

 class type inspect http L7CM_HTTP

  reset

!

! 

!

class-map type inspect smtp ?

  WORD       class-map name

  match-any  Logical-OR all matching statements under this classmap

!

!

 

****** at this point I don't have "MATCH-ALL" keyword available. I just wanted 
to add another match sentence inside this class-map (match sender address regex 
ABCD). *******

 

 

policy-map type inspect remote_central

 class type inspect CM_ICMP

  inspect

  police rate 20000 burst 2000

 class type inspect OTHER

  inspect

 class type inspect CM_SMTP

  inspect

 class type inspect HTTP

  inspect

  service-policy http L7PM_HTTP

!

!

!

 

 

****** configuring this class-map with match-any I can't use a second match as 
expected ******

 

R5(config-cmap)#class-map type inspect smtp match-any L7CM_SMTP

R5(config-cmap)#match ?

  data-length  Specify data transfer length per session

 

****** data-length appears as the only one option *******

 

 

Thanks a lot;

Carlos

 


 

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Reply via email to