Cisco Cisco IOS Software Release 12.4(11)T
H.323 RAS Support in Cisco IOS Firewall
Restrictions for H.323 RAS Support in Cisco IOS Firewall
2
Cisco IOS Security Configuration Guide
Restrictions for H.323 RAS Support in Cisco IOS Firewall
H.225 RAS inspection is supported only with zone-based policy firewall inspection.
How to Configure a Firewall Policy for H.323 RAS Protocol
Inspection
Inspection
This section contains the following configuration tasks:
•
•
Configuring a Class Map for H.323 RAS Protocol Inspection
Use this task to configure a class map for classifying network traffic.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
class-map type inspect [match any | match all] class-map-name
4.
match access-group {access-group | name access-group-name}
5.
match protocol protocol-name [signature]
6.
match class-map class-map-name
7.
exit
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Router> enable
Enables privileged EXEC mode.
•
Enter your password if prompted.
Step 2
configure
terminal
Example:
Router# configure terminal
Enters global configuration mode.
Step 3
class-map type inspect
[match-any | match-all]
class-map-name
Example:
Router(config)# class-map type inspect
match-all c1
Creates a Layer 3 or Layer 4 inspect type class map and
enters class-map configuration mode.
enters class-map configuration mode.