Cisco ASA Series Firewall ASDM Configuration Guide
Chapter 11 Configuring Inspection of Basic Internet Protocols
FTP Inspection
  – Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
• File Type Criterion Values—Specifies the value details for FTP file type match.
  – Regular Expression—Lists the defined regular expressions to match.
  – Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
  – Regular Expression Class—Lists the defined regular expression classes to match.
  – Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
• Server Criterion Values—Specifies the value details for FTP server match.
  – Regular Expression—Lists the defined regular expressions to match.
  – Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
  – Regular Expression Class—Lists the defined regular expression classes to match.
  – Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
• User Name Criterion Values—Specifies the value details for FTP user name match.
  – Regular Expression—Lists the defined regular expressions to match.
  – Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
  – Regular Expression Class—Lists the defined regular expression classes to match.
  – Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
• Multiple Matches—Specifies multiple matches for the FTP inspection.
  – FTP Traffic Class—Specifies the FTP traffic class match.
  – Manage—Opens the Manage FTP Class Maps dialog box to add, edit, or delete FTP Class Maps.
• Action—Reset.
• Log—Enable or disable.
Verifying and Monitoring FTP Inspection
FTP application inspection generates the following log messages:
• An audit record 303002 is generated for each file that is retrieved or uploaded.
• The FTP command is checked to see if it is RETR or STOR and the retrieve and store commands are logged.
• The username is obtained by looking up a table providing the IP address.
• The username, source IP address, destination IP address, NAT address, and the file operation are logged.
• Audit record 201005 is generated if the secondary dynamic channel preparation failed due to memory shortage.
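The following Python script is an added example, not part of the Cisco guide. It pulls the 303002 audit records out of a syslog stream, counts uploads per user and source address, and tallies 201005 failures. The 303002 message layout and the "Stored"/"Retrieved" action words are assumptions to verify against your ASA release, and the sample log lines are constructed.

```python
import re
from collections import Counter

# Assumed layout of audit record 303002 (verify against your ASA release):
# %ASA-6-303002: FTP connection from <ifc>:<ip>/<port> to <ifc>:<ip>/<port>, user <name> <Stored|Retrieved> file <path>
FTP_AUDIT = re.compile(
    r"%ASA-\d-303002: FTP connection from (?P<src_ifc>[^:\s]+):(?P<src_ip>[^/\s]+)/(?P<src_port>\d+) "
    r"to (?P<dst_ifc>[^:\s]+):(?P<dst_ip>[^/\s]+)/(?P<dst_port>\d+), "
    r"user (?P<user>\S+) (?P<action>Stored|Retrieved) file (?P<file>.+)$"
)
# Only the message ID is matched for 201005; its body is not parsed.
CHANNEL_FAIL = re.compile(r"%ASA-\d-201005: ")

# Constructed sample lines (documentation address ranges), not real firewall logs.
SAMPLE_LOG = """\
Mar 03 10:15:01 fw1 %ASA-6-303002: FTP connection from inside:192.0.2.10/51514 to outside:198.51.100.7/21, user alice Retrieved file /pub/report.pdf
Mar 03 10:15:09 fw1 %ASA-6-303002: FTP connection from inside:192.0.2.10/51514 to outside:198.51.100.7/21, user alice Stored file /incoming/db dump.sql
Mar 03 10:16:30 fw1 %ASA-3-201005: FTP data connection failed for 192.0.2.44
Mar 03 10:17:02 fw1 %ASA-6-302013: Built outbound TCP connection 77 for outside:198.51.100.7/21
Mar 03 10:18:45 fw1 %ASA-6-303002: FTP connection from dmz:203.0.113.5/40022 to outside:198.51.100.7/21, user anonymous Stored file /incoming/a.bin
"""

def parse_ftp_audit(lines):
    """Return (transfers, channel_failures) from an iterable of syslog lines."""
    transfers, failures = [], 0
    for line in lines:
        line = line.rstrip()
        m = FTP_AUDIT.search(line)
        if m:
            transfers.append(m.groupdict())   # one dict per RETR/STOR audit record
        elif CHANNEL_FAIL.search(line):
            failures += 1                     # secondary channel could not be prepared
    return transfers, failures

def uploads_by_user(transfers):
    """Count STOR operations (logged as 'Stored') per (user, source IP)."""
    return Counter((t["user"], t["src_ip"]) for t in transfers if t["action"] == "Stored")

if __name__ == "__main__":
    transfers, failures = parse_ftp_audit(SAMPLE_LOG.splitlines())
    for t in transfers:
        print(f'{t["user"]:<10} {t["action"]:<9} {t["src_ip"]} -> {t["dst_ip"]} {t["file"]}')
    print("uploads:", dict(uploads_by_user(transfers)))
    print("201005 (data channel setup failed):", failures)
```

A rising 201005 count means data channels are being dropped for lack of memory, so the corresponding transfers will be missing from the 303002 audit trail.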