Cisco Cisco ASA 5525-X Adaptive Security Appliance - No Payload Encryption Manual Técnica
18
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(1)
Application Inspections
Application Inspections
This XML example shows application inspections associated with interfaces (global application
inspection is not supported), matches default inspection traffic, and enables HTTP inspection. Also
included is application inspection on internal and external interfaces.
inspection is not supported), matches default inspection traffic, and enables HTTP inspection. Also
included is application inspection on internal and external interfaces.
ASA Configuration
class-map inspection_internalIf
match default-inspection-traffic
policy-map internalIf
class inspection_internalIf
inspect http
service-policy internalIf interface internalIf
XML Example
<polUni>
<fvTenant name="tenant1">
<vnsAbsGraph name = "WebGraph">
<vnsAbsNode name = "FW1">
<vnsAbsDevCfg>
<vnsAbsFolder key="Interface" name="internalIf">
<vnsAbsFolder key="ServicePolicy" name="Inspection-Policy">
<vnsAbsParam key="ServicePolicyState" name="PolicyState" value="enable"/>
<vnsAbsFolder key="ApplicationInspection" name="ApplicationInspection">
<vnsAbsFolder key="InspectionSettings" name="InspectionSettingsA">
<vnsAbsParam key="http" name="http" value="enable"/>
</vnsAbsFolder>
</vnsAbsFolder>
</vnsAbsFolder>
</vnsAbsFolder>
</vnsAbsDevCfg>
</vnsAbsNode>
</vnsAbsGraph>
</fvTenant>
</polUni>
Global NetFlow
This XML example sets up the NetFlow feature. The example shows how to create a simple access list
to which traffic is matched, creates a NetFlow object, and enables NetFlow globally for the NetFlow
objects. Also included is NetFlow on internal and external interfaces.
to which traffic is matched, creates a NetFlow object, and enables NetFlow globally for the NetFlow
objects. Also included is NetFlow on internal and external interfaces.
ASA Configuration
class-map netflow_default
match any