Hi All,

I am just doing some practice on protocol inspection using MPF on ASA. I am generally using ACLs to match my traffic in my L3/L4 class maps, though at times the answers I see match just on the port number.

Apart from being able to define source and destination IP addresses in ACLs as compared to matching just on a port number in a class map, are there any deeper benefits to matching on one or the other when using MPF, especially in regards to then implementing L7 application inspection? Below is what I mean:

Option 1

    access-list http-out extended permit tcp any any eq http log
    class-map http-outside
     match access-list http-out

Option 2

    class-map http-outside
     match port tcp eq 80

Thanks,
Ben
