Good point. Although in this case the syntax is match port tcp eq port_num
On Mon, Jul 9, 2012 at 11:19 PM, Matt Manire <[email protected]> wrote:

> Option 1 would match on TCP port 80.
>
> Option 2 could match on either TCP or UDP port 80.
>
> *Matt Manire*
> *CCSP, CCNP, CCDP, MCSE* *2003 & MCSE 2000*
> *Information Systems Security Manager*
> [email protected]
> *t*: 817.525.1863
> *f*: 817.525.1903
> *m*: 817.271.9165
>
> *First Rate* | 1903 Ascension Boulevard | Arlington, TX 76006 |
> www.FirstRate.com <http://www.firstrate.com/>
>
> *From:* [email protected] [mailto:[email protected]] *On Behalf Of* GuardGrid
> *Sent:* Monday, July 09, 2012 9:28 PM
> *To:* Ben Shaw
> *Cc:* [email protected]
> *Subject:* Re: [OSL | CCIE_Security] Match port or match access-list
>
> none. Advantage of acl is more granularity in defining the match if
> required by the task.
>
> On Mon, Jul 9, 2012 at 9:27 PM, Ben Shaw <[email protected]> wrote:
>
> Hi All
>
> I am just doing some practice on protocol inspection using MPF on ASA. I
> am generally using ACLs to match my traffic in my L3/L4 class maps though
> at times the answers I see match just on the port number.
>
> Apart from being able to define source and destination IP addresses in
> ACLs as compared to matching just on a port number in a class map, are
> there any deeper benefits to matching on one or the other when using MPF,
> especially in regards to then implementing L7 application inspection? Below
> is what I mean:
>
> Option 1
> access-list http-out extended permit tcp any any eq http log
> class-map http-outside
> match access-list http-out
>
> Option 2
> class-map http-outside
> match port eq 80
>
> Thanks
> Ben
>
> _______________________________________________
> For more information regarding industry leading CCIE Lab training, please
> visit www.ipexpert.com
>
> Are you a CCNP or CCIE and looking for a job? Check out
> www.PlatinumPlacement.com
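The two match styles discussed in this thread, carried through to an applied HTTP inspection policy. This is an added example, not configuration posted by anyone in the thread. The 10.1.1.0/24 subnet, the interface name "outside" and the names http-acl, http-port and outside-policy are constructed lab values.

```cisco
! Constructed lab values: inside hosts 10.1.1.0/24, interface nameif "outside".

! Option 1 style: L3/L4 class map matching on an ACL.
! The ACL can narrow source and destination, which is the extra
! granularity mentioned in the thread.
access-list http-out extended permit tcp 10.1.1.0 255.255.255.0 any eq 80
class-map http-acl
 match access-list http-out

! Option 2 style: L3/L4 class map matching on a port, written with the
! protocol keyword (match port tcp eq port_num). Any source, any destination.
class-map http-port
 match port tcp eq 80

! Either class map is bound to L7 inspection the same way.
! Here only the narrower ACL-based class is inspected.
policy-map outside-policy
 class http-acl
  inspect http

! Apply the policy to the interface.
service-policy outside-policy interface outside

! Verification: confirm which match each class carries, then check that
! the inspect http packet counters rise only for traffic sourced from
! 10.1.1.0/24.
show running-config class-map
show service-policy interface outside
```

Swapping `class http-acl` for `class http-port` in the policy map widens inspection to all TCP port 80 traffic crossing the interface, which makes the scope difference visible in the counters.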
