Seems about right, just the first one give you more granularity if you
want to protect a specific SMTP host. I think it comes important when
you have to match on both IP and protocol since you are limited in
multiple matching statements for ASA MPF non-default classes to
something plus tunnel-group if I am not mistaken.
A.
On 6/10/2012 7:44 AM, Eugene Pefti wrote:
If I were to inspect non-standard SMTP on port 2525 on ASA will these
two achieve the same results?
access-list SMTP-2525-ACL extended permit tcp any host XXX.XXX.XXX.XXX
eq 2525
class-map SMTP-2525-CM
match access-list SMTP-2525-ACL
class-map SMTP-2525-CM
match port tcp eq 2525
Eugene
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
