You can either use a new L7 policy map or default DNS policy map. Which ever is first associated to the global policy will be in effect.
With regards Kings On Tue, Feb 8, 2011 at 2:35 AM, Pemasiri Devanarayana <[email protected]>wrote: > Hi, > > when I want to inspect on id randamization, massage format > > 1) should i create new L7 policy-map or use the default policy-map of > preset_dns_map (policy-map type inspect dns preset_dns_map)..? > > 2) if I use different L7 Policy-map I have to remove the existing dns > inspection which is also inspecting "message-length maximum 512" by default > and it will also will remove, in that case should i add message lenth max. > 512 in the new L7 policy-map..? > > 3) when I configure match protocol-enforcement, it does not show under > running configuration. (show running-config policy-map), it's bug or its > already in inspection by default..? > > policy-map type inspect dns PM7-DNS > parameters > id-randomization > policy-map global_policy > class inspection_default > inspect ftp > inspect h323 h225 > inspect h323 ras > inspect netbios > > Appreciate all expertises' correct solution. > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
