37-38
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 37 Configuring Inspection of Basic Internet Protocols
ICMP Inspection
Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular
expressions.
Regular Expression Class—Lists the defined regular expression classes to match.
Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure
regular expression class maps.
–
Response Header Count—Applies the regular expression match to the header of the response
with a maximum number of headers.
Greater Than Count—Enter the maximum number of headers.
–
Response Header Length—Applies the regular expression match to the header of the response
with length greater than the bytes specified.
Greater Than Length—Enter a header length value in bytes.
–
Response Header non-ASCII—Matches non-ASCII characters in the header of the response.
–
Response Status Line—Applies the regular expression match to the status line.
Regular Expression—Lists the defined regular expressions to match.
Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular
expressions.
Regular Expression Class—Lists the defined regular expression classes to match.
Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure
regular expression class maps.
• Multiple Matches—Specifies multiple matches for the HTTP inspection.
–
H323 Traffic Class—Specifies the HTTP traffic class match.
–
Manage—Opens the Manage HTTP Class Maps dialog box to add, edit, or delete HTTP Class
Maps.
• Action—Drop connection, reset, or log.
• Log—Enable or disable.
Modes
The following table shows the modes in which this feature is available:
ICMP Inspection
The ICMP inspection engine allows ICMP traffic to have a “session” so it can be inspected like TCP and
UDP traffic. Without the ICMP inspection engine, we recommend that you do not allow ICMP through
the adaptive security appliance in an access list. Without stateful inspection, ICMP can be used to attack
your network. The ICMP inspection engine ensures that there is only one response for each request, and
that the sequence number is correct.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••—