42-11
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter42 Getting Started with Application Layer Protocol Inspection
Configuring Application Layer Protocol Inspection
Step6 To activate the policy map on one or more interfaces, enter the following command:
hostname(config)# service-policy policymap_name {global | interface interface_name}
Where global applies the policy map to all interfaces, and interface applies the policy to one interface.
By default, the default policy map, “global_policy,” is applied globally. Only one global policy is
allowed. You can override the global policy on an interface by applying a service policy to that interface.
You can only apply one policy map to each interface.
sqlnet
sunrpc The default class map includes UDP port 111; if you want to
enable Sun RPC inspection for TCP port 111, you need to
create a new class map that matches TCP port 111, add the
class to the policy, and then apply the inspect sunrpc
command to that class.
tftp
waas
xdmcp
Table42-2 Protocol Keywords
Keywords Notes