Link to home
Start Free TrialLog in
Avatar of dcawood
dcawoodFlag for United States of America

asked on

Class Map is not matching traffic on Global Policy???

I am trying to set the timeout for traffic using an acl and non of the traffic is getting hits?? any idea why this could be? also when I run a packet-trace, I don't see it hit the proper class map?

class-map 48_HOUR_TCP_TIMEOUT
 match access-list 48_HOUR_TCP_TIMEOUT
class-map SUNRPC-TCP
 match access-list SUN-RPC
class-map inspection_default
 match default-inspection-traffic
class-map flow_export_class
 match any
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class 48_HOUR_TCP_TIMEOUT
  set connection random-sequence-number disable
  set connection timeout idle 48:00:00
  set connection decrement-ttl
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect ip-options
  inspect netbios
  inspect rsh
  inspect tftp
  inspect xdmcp
 class class-default
  user-statistics accounting
  set connection decrement-ttl


-------------------------------------------------------


Phase: 6
Type: CONN-SETTINGS
Subtype:
Result: ALLOW
Config:
class-map class-default
 match any
policy-map global_policy
 class class-default
  set connection decrement-ttl
service-policy global_policy global
Additional Information:
ASKER CERTIFIED SOLUTION
Avatar of harbor235
harbor235
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dcawood

ASKER

I had to make a new policy-map, we used dcd with idle time-out, and a service policy to the two interfaces. all is working now :)