Filter
Top Products
24-89
Cisco ASDM User Guide
OL-16647-01
Chapter 24 Configuring Application Layer Protocol Inspection
Inspect Map Field Descriptions
–
Value—Specifies whether value is an exact match or a range.
Equals—Enter a value.
Range—Enter a range of values.
–
Action—Drop packet.
–
Log—Enable or disable.
Modes
The following table shows the modes in which this feature is available:
H.323 Inspect Map
The H.323 pane lets you view previously configured H.323 application inspection maps. An H.323 map
lets you change the default configuration values used for H.323 application inspection.
H.323 inspection supports RAS, H.225, and H.245, and its functionality translates all embedded IP
addresses and ports. It performs state tracking and filtering and can do a cascade of inspect function
activation. H.323 inspection supports phone number filtering, dynamic T.120 control, H.245 tunneling
control, HSI groups, protocol state tracking, H.323 call duration enforcement, and audio/video control.
Fields
• H.323 Inspect Maps—Table that lists the defined H.323 inspect maps.
• Add—Configures a new H.323 inspect map. To edit an H.323 inspect map, select the H.323 entry in
the H.323 Inspect Maps table and click Customize.
• Delete—Deletes the inspect map selected in the H.323 Inspect Maps table.
• Security Level—Select the security level (low, medium, or high).
–
Low—Default.
State Checking h225 Disabled
State Checking ras Disabled
Call Party Number Disabled
Call duration Limit Disabled
RTP conformance not enforced
–
Medium
State Checking h225 Enabled
State Checking ras Enabled
Call Party Number Disabled
Call duration Limit Disabled
RTP conformance enforced
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • • •—