ASA 5505 Policy Map global_policy
Posted on 2014-11-10
Can someone please explain in plain English an explanation\summary of what the Policy map actually does? It inspects the protocols listed underneath I suppose, but how does it define inspect?
Does it matter what order the protocols are inspected in? For example some of my ASA's have this at the bottom of the policy-map global_policy, while others have it in the middle.
I also see an ACL for this entry below but the global_mpc (which I assume is global map policy?), isnt in the policy-map global_policy. What is the purpose of "policy-map global_policy"?
# show run access-list global_mpc
access-list global_mpc extended permit ip any any
policy-map type inspect dns preset_dns_map
message-length maximum client auto
message-length maximum 512
inspect dns preset_dns_map
inspect h323 h225
inspect h323 ras