Hello Johan,

I don't think we have to remove ftp inspection from "class inspection_default". It can be there and it won't matter.

Why I feel this way is because the FTP packet arriving on port 21021 will NOT match under the class inspection_default, and the only class that it will match is the "custom" class that we have defined. You can have a conflict ONLY if the packet matches 2 classes which have the identical action applied. Then, only the first class's action is applied and the second class's action is ignored. In this case, although the action in both the classes is the same (i.e. *inspect ftp*), the ports on which they operate are different. So there is no clash, IMO.

Please correct me if I'm mistaken.

Cheers,
TacACK
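The layout discussed in the message above, written out as an added ASA configuration sketch (not part of the original post). It assumes the stock `inspection_default` class and `global_policy` policy-map names and that the custom class is literally named `custom`; port 21021 is taken from the message.

```cisco
! Default class: "match default-inspection-traffic" covers each protocol's
! default port only, which for FTP is the control channel on tcp/21.
class-map inspection_default
 match default-inspection-traffic
!
! Custom class (name assumed from the message): FTP control on tcp/21021.
class-map custom
 match port tcp eq 21021
!
! Both classes carry the same action, but they select different traffic:
! a packet to tcp/21021 is classified only by "custom".
policy-map global_policy
 class inspection_default
  inspect ftp
 class custom
  inspect ftp
!
service-policy global_policy global
!
! Check after sending test traffic to tcp/21021: the per-class packet
! counters show which class the flow was inspected under.
! show service-policy
```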
