so i did the changeonf tpolicy-map type inspect dns preset_dns_map parameters message-length maximum 4096 policy-map global_policy class inspection_default inspect dns preset_dns_mapand then the show run policy-map was showing me message length maximum as 4096
Here I see agony ... Well a quick and dirty - masquerading solution would be ... Make sure you configure CISCO ASA as router .. that is ... have all in-> out allow any and out-> in allow any and then behind ASA re-install your shorewall box.that is to get your Managers happy since they paid for it ( they are the people who insisted for a cisco change right ??? ) and you to find enough time to get support from cisco ( $$$$$ after Cisco people need to make money too + money goes into the IT field )
+ knowledge to configure the thing your self ... Good luck. ( you'll need it ).
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Achieve Improved Network Security with IP and DNS Reputation. Defend against bad network traffic, including botnets, malware, phishing sites, and compromised hosts - saving your company time, money, and embarrassment. Learn More! http://p.sf.net/sfu/hpdev2dev-nov
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
