Hi, when I want to inspect on id randamization, massage format
1) should i create new L7 policy-map or use the default policy-map of preset_dns_map (policy-map type inspect dns preset_dns_map)..? 2) if I use different L7 Policy-map I have to remove the existing dns inspection which is also inspecting "message-length maximum 512" by default and it will also will remove, in that case should i add message lenth max. 512 in the new L7 policy-map..? 3) when I configure match protocol-enforcement, it does not show under running configuration. (show running-config policy-map), it's bug or its already in inspection by default..? policy-map type inspect dns PM7-DNS parameters id-randomization policy-map global_policy class inspection_default inspect ftp inspect h323 h225 inspect h323 ras inspect netbios Appreciate all expertises' correct solution.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
