Tuesday, August 17, 2010

How to redirect traffic to a CSC module on an ASA

First create an ACL that defines what traffic should be scanned.
access-list acl_CSC  permit tcp any any eq www
access-list acl_CSC extended permit tcp any any eq smtp
access-list acl_CSC extended permit tcp any any eq pop3 

Define a class map and associate the new acl.
class-map csc_inspect
 match access-list acl_CSC

Associate the class map to a policy map.
 policy-map csc_inspect_policy
 class csc_inspect
  csc fail-open

Specify the interfaces that should redirect to the CSC module
service-policy csc_inspect_policy interface outside
service-policy csc_inspect_policy interface inside

For more information on configuring the CSC blade or troubleshooting, please refer to Cisco's CSC guide. 

Posted by Jerome at 1:44 PM
Labels:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)