dcawood
asked on
Class Map is not matching traffic on Global Policy???
I am trying to set the timeout for traffic using an acl and non of the traffic is getting hits?? any idea why this could be? also when I run a packet-trace, I don't see it hit the proper class map?
class-map 48_HOUR_TCP_TIMEOUT
match access-list 48_HOUR_TCP_TIMEOUT
class-map SUNRPC-TCP
match access-list SUN-RPC
class-map inspection_default
match default-inspection-traffic
class-map flow_export_class
match any
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class 48_HOUR_TCP_TIMEOUT
set connection random-sequence-number disable
set connection timeout idle 48:00:00
set connection decrement-ttl
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect ip-options
inspect netbios
inspect rsh
inspect tftp
inspect xdmcp
class class-default
user-statistics accounting
set connection decrement-ttl
-------------------------- ---------- ---------- ---------
Phase: 6
Type: CONN-SETTINGS
Subtype:
Result: ALLOW
Config:
class-map class-default
match any
policy-map global_policy
class class-default
set connection decrement-ttl
service-policy global_policy global
Additional Information:
class-map 48_HOUR_TCP_TIMEOUT
match access-list 48_HOUR_TCP_TIMEOUT
class-map SUNRPC-TCP
match access-list SUN-RPC
class-map inspection_default
match default-inspection-traffic
class-map flow_export_class
match any
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class 48_HOUR_TCP_TIMEOUT
set connection random-sequence-number disable
set connection timeout idle 48:00:00
set connection decrement-ttl
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect ip-options
inspect netbios
inspect rsh
inspect tftp
inspect xdmcp
class class-default
user-statistics accounting
set connection decrement-ttl
--------------------------
Phase: 6
Type: CONN-SETTINGS
Subtype:
Result: ALLOW
Config:
class-map class-default
match any
policy-map global_policy
class class-default
set connection decrement-ttl
service-policy global_policy global
Additional Information:
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER