EasyManuals Logo
Home>Cisco>Firewall>ASA 5512-X

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1080 background imageLoading...
Page #1080 background image
1-18
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring a Service Policy Using the Modular Policy Framework
Monitoring Modular Policy Framework
Detailed Steps
Examples
For example, the following command enables the inbound_policy policy map on the outside interface:
hostname(config)# service-policy inbound_policy interface outside
The following commands disable the default global policy, and enables a new one called
new_global_policy on all other ASA interfaces:
hostname(config)# no service-policy global_policy global
hostname(config)# service-policy new_global_policy global
Monitoring Modular Policy Framework
To monitor Modular Policy Framework, enter the following command:
Configuration Examples for Modular Policy Framework
This section includes several Modular Policy Framework examples and includes the following topics:
Applying Inspection and QoS Policing to HTTP Traffic, page 1-19
Applying Inspection to HTTP Traffic Globally, page 1-19
Applying Inspection and Connection Limits to HTTP Traffic to Specific Servers, page 1-20
Applying Inspection to HTTP Traffic with NAT, page 1-21
Command Purpose
service-policy policy_map_name interface
interface_name [fail-close]
Example:
hostname(config)# service-policy
inbound_policy interface outside
Creates a service policy by associating a policy map with an interface.
Specify the fail-close option to generate a syslog (767001) for IPv6 traffic
that is dropped by application inspections that do not support IPv6 traffic.
By default, syslogs are not generated. For a list of inspections that support
IPv6, see the “IPv6 Guidelines” section on page 1-6.
service-policy policy_map_name global
[fail-close]
Example:
hostname(config)# service-policy
inbound_policy global
Creates a service policy that applies to all interfaces that do not have a
specific policy. Specify the fail-close option to generate a syslog (767001)
for IPv6 traffic that is dropped by application inspections that do not
support IPv6 traffic. By default, syslogs are not generated. For a list of
inspections that support IPv6, see the “IPv6 Guidelines” section on
page 1-6.
Command Purpose
show service-policy
Displays the service policy statistics.

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
BrandCisco
ModelASA 5512-X
CategoryFirewall
LanguageEnglish

Related product manuals