Support User Manuals

Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

24-68

Cisco ASDM User Guide

OL-16647-01

Chapter 24 Configuring Application Layer Protocol Inspection

Inspect Map Field Descriptions

Drop packets that exceed specified maximum length (global)—Drops packets that exceed

maximum length in bytes.

Maximum Packet Length—Enter maximum packet length in bytes.

–

Server Settings—Applies settings on the server only.

Drop packets that exceed specified maximum length——Drops packets that exceed maximum

length in bytes.

Maximum Packet Length—Enter maximum packet length in bytes.

Drop packets sent to server that exceed length indicated by the RR—Drops packets sent to the

server that exceed the length indicated by the Resource Record.

–

Client Settings—Applies settings on the client only.

Drop packets that exceed specified maximum length——Drops packets that exceed maximum

length in bytes.

Maximum Packet Length—Enter maximum packet length in bytes.

Drop packets sent to client that exceed length indicated by the RR—Drops packets sent to the

client that exceed the length indicated by the Resource Record.

• Mismatch Rate—Tab that lets you configure the ID mismatch rate for DNS.

–

Enable Logging when DNS ID mismatch rate exceeds specified rate—Reports excessive

instances of DNS identifier mismatches.

Mismatch Instance Threshold—Enter the maximum number of mismatch instances before a

system message log is sent.

Time Interval—Enter the time period to monitor (in seconds).

• Inspections—Tab that shows you the DNS inspection configuration and lets you add or edit.

–

Match Type—Shows the match type, which can be a positive or negative match.

–

Criterion—Shows the criterion of the DNS inspection.

–

Value—Shows the value to match in the DNS inspection.

–

Action—Shows the action if the match condition is met.

–

Log—Shows the log state.

–

Add—Opens the Add DNS Inspect dialog box to add a DNS inspection.

–

Edit—Opens the Edit DNS Inspect dialog box to edit a DNS inspection.

–

Delete—Deletes a DNS inspection.

–

Move Up—Moves an inspection up in the list.

–

Move Down—Moves an inspection down in the list.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

• • • •—

previous next