piotr if the class and policy maps are missing from the config the how's is the asa performing inspection and is the effectiveness of the firewall affected
i've seen this myself but on two asa 5505s running 8.3 and i've been unsure of what effect copying the class map etc onto a production box would have thanks This was sent from my Blackberry Device. ----- Original Message ----- From: Piotr Matusiak [mailto:[email protected]] Sent: Monday, October 01, 2012 08:56 PM To: Jason Madsen <[email protected]> Cc: [email protected] <[email protected]> Subject: Re: [OSL | CCIE_Security] Sometimes Default MPF Missing on ASAs Jason, This is happening sometimes on 8.0 software. The trick I use it a command 'fixup icmp' which is the old 'inspection' command and should get all MPF configuration back. Give it a try. Regards, Piotr On Oct 1, 2012, at 7:31 PM, Jason Madsen wrote: > Hi Group, > > I've come across situations where the default policy-map and default class > inspection_defaul do not exist. Have seen sometimes (usually) ASAs will keep > them after doing a "clear config all", but other times delete them after > doing so. Is there something to reference within the CLI that shows what all > of the default inspect statements are within the default policy in case we > ever come across an ASA that does not have them already? I've usually just > hopped over to another ASA somewhere and copied the defaults over, but I'm > wondering if there's a way to get this information without having to do that > and/or have to search for this info online. > > Thanks, > Jason > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
