When using a “inspect policy map” you need to add it to a “standard policy-map” to allow you to add it to the service policy.
For each policy map there would be a class map, the inspect would match the FTP command, and then use the classmap “inspection-default” in the standard policy map.
policy-map type inspect dns preset_dns_map
message-length maximum 512
policy-map type inspect ftp FTPPOL
inspect dns preset_dns_map
inspect h323 h225
inspect h323 ras
inspect ftp strict FTPPOL
service-policy global_policy global
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial