OK, thanks all for the feedback
On Tue, Jul 10, 2012 at 3:38 PM, Kingsley Charles <[email protected]> wrote:

> Use IP address, when they have mentioned the IP Address. For example, if
> you want to inspect ftp on port 2121, it's better to use ACE.
>
> Remove the default inspection, put this custom class matching port 2121
> with ACL and then below that put default class map.
>
> Now both normal ftp traffic and on port 2121 is inspected.
>
> Ports can be used but they are open to any address.
>
> With regards
> Kings
>
> On Tue, Jul 10, 2012 at 6:57 AM, Ben Shaw <[email protected]> wrote:
>
>> Hi All
>>
>> I am just doing some practice on protocol inspection using MPF on ASA. I
>> am generally using ACLs to match my traffic in my L3/L4 class maps though
>> at times the answers I see match just on the port number.
>>
>> Apart from being able to define source and destination IP addresses in
>> ACLs as compared to matching just on a port number in a class map, are
>> there any deeper benefits to matching on one or the other when using MPF,
>> especially in regards to then implementing L7 application inspection? Below
>> is what I mean:
>>
>> Option 1
>> access-list http-out extended permit tcp any any eq http log
>> class-map http-outside
>>  match access-list http-out
>>
>> Option 2
>> class-map http-outside
>>  match port tcp eq 80
>>
>> Thanks
>> Ben
>>
>> _______________________________________________
>> For more information regarding industry leading CCIE Lab training, please
>> visit www.ipexpert.com
>>
>> Are you a CCNP or CCIE and looking for a job? Check out
>> www.PlatinumPlacement.com
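The arrangement Kings describes in the quoted reply, written out as an added example that is not part of the original thread. The object names (FTP-2121-ACL, FTP-2121-CM) and the server address 192.0.2.10 are constructed, and it assumes the stock global_policy with its inspection_default class is in use.

```cisco
! Added example. Names and the 192.0.2.10 address are constructed.
!
! Port-only match, shown commented out for comparison: every TCP/2121 flow,
! to or from any address, would be classified for FTP inspection.
! class-map FTP-2121-CM
!  match port tcp eq 2121
!
! ACL match: only TCP/2121 towards the one FTP server is classified.
access-list FTP-2121-ACL extended permit tcp any host 192.0.2.10 eq 2121
!
class-map FTP-2121-CM
 match access-list FTP-2121-ACL
!
policy-map global_policy
! Take the default class out so the custom class can be placed above it.
! Save the existing "inspect" lines first; removing the class removes them.
 no class inspection_default
! Custom class first: FTP inspection for the server on port 2121.
 class FTP-2121-CM
  inspect ftp
! Default class below it: standard FTP on port 21 and the other defaults.
! Re-enter the remaining "inspect" lines from the saved configuration here.
 class inspection_default
  inspect ftp
!
! Already present on a default configuration; shown for completeness.
service-policy global_policy global
```

`show service-policy inspect ftp` lists the FTP inspection counters per class, which confirms that traffic on both ports is being matched.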
