47-48
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 47 Configuring Inspection of Basic Internet Protocols
IPsec Pass Through Inspection
–
Default Level—Sets the security level back to the default level of Low.
Modes
The following table shows the modes in which this feature is available:
Add/Edit IPsec Pass Thru Policy Map (Security Level)
The Add/Edit IPsec Pass Thru Policy Map (Security Level) dialog box is accessible as follows:
Configuration > Global Objects > Inspect Maps > IPsec Pass Through>
IPsec Pass Through Inspect Map > Basic View
The Add/Edit IPsec Pass Thru Policy Map pane lets you configure the security level and additional
settings for IPsec Pass Thru application inspection maps.
Fields
• Name—When adding an IPsec Pass Thru map, enter the name of the IPsec Pass Thru map. When
editing an IPsec Pass Thru map, the name of the previously configured IPsec Pass Thru map is
shown.
• Security Level—Select the security level (high or low).
–
Low—Default.
Maximum ESP flows per client: Unlimited.
ESP idle timeout: 00:10:00.
Maximum AH flows per client: Unlimited.
AH idle timeout: 00:10:00.
–
High
Maximum ESP flows per client:10.
ESP idle timeout: 00:00:30.
Maximum AH flows per client: 10.
AH idle timeout: 00:00:30.
–
Default Level—Sets the security level back to the default level of Low.
• Details—Shows additional parameter settings to configure.
Mode
The following table shows the modes in which this feature is available:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••—