EasyManuals Logo

Cisco ASA Series User Manual

Cisco ASA Series
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1266 background imageLoading...
Page #1266 background image
1-14
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the TLS Proxy for Encrypted Voice Inspection
Configuring the TLS Proxy for Encrypted Voice Inspection
Command Purpose
Step 1
hostname(config)# class-map class_map_name
Example:
hostname(config)# class-map sec_skinny
Configures the secure Skinny class of traffic to
inspect.
Where class_map_name is the name of the Skinny
class map.
Step 2
hostname(config-cmap)# match port tcp eq 2443
Matches the TCP port 2443 to which you want to
apply actions for secure Skinny inspection
Step 3
hostname(config-cmap)# exit
Step 4
hostname(config)# policy-map type inspect skinny
policy_map_name
Example:
hostname(config)# policy-map type inspect skinny
skinny_inspect
Defines special actions for Skinny inspection
application traffic.
Step 5
hostname(config-pmap)# parameters
hostname(config-pmap-p)# ! Skinny inspection
parameters
Specifies the parameters for Skinny inspection.
Parameters affect the behavior of the inspection
engine.
The commands available in parameters
configuration mode depend on the application.
Step 6
hostname(config-pmap-p)# exit Exits from Policy Map configuration mode.
Step 7
hostname(config)# policy-map name
Example:
hostname(config)# policy-map global_policy
Configure the policy map and attach the action to the
class of traffic.
Step 8
hostname(config-pmap)# class inspection_default
Specifies the default class map.
The configuration includes a default Layer 3/4 class
map that the ASA uses in the default global policy.
It is called inspection_default and matches the
default inspection traffic,
Step 9
hostname(config-pmap-c)# inspect skinny skinny_map
Example:
hostname(config-pmap-c)# inspect skinny
skinny_inspect
Enables SCCP (Skinny) application inspection.
Step 10
hostname(config-pmap)# class classmap_name
Example:
hostname(config-pmap)# class sec_skinny
Assigns a class map to the policy map where you can
assign actions to the class map traffic.
Step 11
hostname(config-pmap-c)# inspect skinny skinny_map
tls-proxy proxy_name
Example:
hostname(config-pmap-c)# inspect skinny
skinny_inspect tls-proxy my_proxy
Enables TLS proxy for the specified inspection
session.
Step 12
hostname(config-pmap-c)# exit
Exits from the Policy Map configuration mode.
Step 13
hostname(config)# service-policy policymap_name
global
Example:
hostname(config)# service-policy global_policy
global
Enables the service policy on all interfaces.

Table of Contents

Other manuals for Cisco ASA Series

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
ModelASA 5505
InterfacesVaries by model (Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, etc.)
High AvailabilityActive/Standby or Active/Active (varies by model)
Power SupplyVaries by model
Form FactorVaries by model
Operating SystemCisco ASA Software
IPsec VPNSupported
SSL VPNSupported
IPS ThroughputVaries by model

Related product manuals