Cisco Asdm 7 User Guide
11-27 Cisco ASA Series Firewall ASDM Configuration Guide, Chapter 11 Configuring Inspection of Basic Internet Protocols, HTTP Inspection

The Select HTTP Map dialog box lets you select or create a new HTTP map. An HTTP map lets you change the configuration values used for HTTP application inspection. The Select HTTP Map table provides a list of previously configured maps that you can select for application inspection.

Fields

- Use the default HTTP inspection map—Specifies to use the default HTTP map.
- Select an HTTP map for fine control over inspection—Lets you select a defined application inspection map or add a new one.
- Add—Opens the Add Policy Map dialog box for the inspection.

**HTTP Class Map**

The HTTP Class Map dialog box is accessible as follows: Configuration > Global Objects > Class Maps > HTTP

The HTTP Class Map pane lets you configure HTTP class maps for HTTP inspection. An inspection class map matches application traffic with criteria specific to the application. You then identify the class map in the inspect map and enable actions. The difference between creating a class map and defining the traffic match directly in the inspect map is that you can create more complex match criteria and you can reuse class maps. The applications that support inspection class maps are DNS, FTP, H.323, HTTP, IM, and SIP.

Fields

- Name—Shows the HTTP class map name.
- Match Conditions—Shows the type, match criterion, and value in the class map.
  - Match Type—Shows the match type, which can be a positive or negative match.
  - Criterion—Shows the criterion of the HTTP class map.
  - Value—Shows the value to match in the HTTP class map.
- Description—Shows the description of the class map.
- Add—Adds an HTTP class map.
- Edit—Edits an HTTP class map.
- Delete—Deletes an HTTP class map.
**Add/Edit HTTP Traffic Class Map**

The Add/Edit HTTP Traffic Class Map dialog box is accessible as follows: Configuration > Global Objects > Class Maps > HTTP > Add/Edit HTTP Traffic Class Map

The Add/Edit HTTP Traffic Class Map dialog box lets you define an HTTP class map.

Fields

- Name—Enter the name of the HTTP class map, up to 40 characters in length.
- Description—Enter the description of the HTTP class map.
- Add—Adds an HTTP class map.
- Edit—Edits an HTTP class map.
- Delete—Deletes an HTTP class map.

**Add/Edit HTTP Match Criterion**

The Add/Edit HTTP Match Criterion dialog box is accessible as follows: Configuration > Global Objects > Class Maps > HTTP > Add/Edit HTTP Traffic Class Map > Add/Edit HTTP Match Criterion

The Add/Edit HTTP Match Criterion dialog box lets you define the match criterion and value for the HTTP class map.

Fields

- Match Type—Specifies whether the class map includes traffic that matches the criterion, or traffic that does not match the criterion. For example, if No Match is selected on the string “example.com,” then any traffic that contains “example.com” is excluded from the class map.
- Criterion—Specifies which criterion of HTTP traffic to match.
  - Request/Response Content Type Mismatch—Specifies that the content type in the response must match one of the MIME types in the accept field of the request.
  - Request Arguments—Applies the regular expression match to the arguments of the request.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request Body Length—Applies the regular expression match to the body of the request with field length greater than the bytes specified.
    - Greater Than Length—Enter a field length value in bytes that request field lengths will be matched against.
  - Request Body—Applies the regular expression match to the body of the request.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request Header Field Count—Applies the regular expression match to the header of the request with a maximum number of header fields.
    - Predefined—Specifies the request header fields: accept, accept-charset, accept-encoding, accept-language, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, expect, expires, from, host, if-match, if-modified-since, if-none-match, if-range, if-unmodified-since, last-modified, max-forwards, pragma, proxy-authorization, range, referer, te, trailer, transfer-encoding, upgrade, user-agent, via, warning.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Greater Than Count—Enter the maximum number of header fields.
  - Request Header Field Length—Applies the regular expression match to the header of the request with field length greater than the bytes specified.
    - Predefined—Specifies the request header fields: accept, accept-charset, accept-encoding, accept-language, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, expect, expires, from, host, if-match, if-modified-since, if-none-match, if-range, if-unmodified-since, last-modified, max-forwards, pragma, proxy-authorization, range, referer, te, trailer, transfer-encoding, upgrade, user-agent, via, warning.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Greater Than Length—Enter a field length value in bytes that request field lengths will be matched against.
  - Request Header Field—Applies the regular expression match to the header of the request.
    - Predefined—Specifies the request header fields: accept, accept-charset, accept-encoding, accept-language, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, expect, expires, from, host, if-match, if-modified-since, if-none-match, if-range, if-unmodified-since, last-modified, max-forwards, pragma, proxy-authorization, range, referer, te, trailer, transfer-encoding, upgrade, user-agent, via, warning.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request Header Count—Applies the regular expression match to the header of the request with a maximum number of headers.
    - Greater Than Count—Enter the maximum number of headers.
  - Request Header Length—Applies the regular expression match to the header of the request with length greater than the bytes specified.
    - Greater Than Length—Enter a header length value in bytes.
  - Request Header non-ASCII—Matches non-ASCII characters in the header of the request.
  - Request Method—Applies the regular expression match to the method of the request.
    - Method—Specifies to match on a request method: bcopy, bdelete, bmove, bpropfind, bproppatch, connect, copy, delete, edit, get, getattribute, getattributenames, getproperties, head, index, lock, mkcol, mkdir, move, notify, options, poll, post, propfind, proppatch, put, revadd, revlabel, revlog, revnum, save, search, setattribute, startrev, stoprev, subscribe, trace, unedit, unlock, unsubscribe.
    - Regular Expression—Specifies to match on a regular expression.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request URI Length—Applies the regular expression match to the URI of the request with length greater than the bytes specified.
    - Greater Than Length—Enter a URI length value in bytes.
  - Request URI—Applies the regular expression match to the URI of the request.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Response Body—Applies the regex match to the body of the response.
    - ActiveX—Specifies to match on ActiveX.
    - Java Applet—Specifies to match on a Java Applet.
    - Regular Expression—Specifies to match on a regular expression.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Response Body Length—Applies the regular expression match to the body of the response with field length greater than the bytes specified.
    - Greater Than Length—Enter a field length value in bytes that response field lengths will be matched against.
  - Response Header Field Count—Applies the regular expression match to the header of the response with a maximum number of header fields.
    - Predefined—Specifies the response header fields: accept-ranges, age, allow, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, date, etag, expires, last-modified, location, pragma, proxy-authenticate, retry-after, server, set-cookie, trailer, transfer-encoding, upgrade, vary, via, warning, www-authenticate.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Greater Than Count—Enter the maximum number of header fields.
  - Response Header Field Length—Applies the regular expression match to the header of the response with field length greater than the bytes specified.
    - Predefined—Specifies the response header fields: accept-ranges, age, allow, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, date, etag, expires, last-modified, location, pragma, proxy-authenticate, retry-after, server, set-cookie, trailer, transfer-encoding, upgrade, vary, via, warning, www-authenticate.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Greater Than Length—Enter a field length value in bytes that response field lengths will be matched against.
  - Response Header Field—Applies the regular expression match to the header of the response.
    - Predefined—Specifies the response header fields: accept-ranges, age, allow, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, date, etag, expires, last-modified, location, pragma, proxy-authenticate, retry-after, server, set-cookie, trailer, transfer-encoding, upgrade, vary, via, warning, www-authenticate.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Response Header Count—Applies the regular expression match to the header of the response with a maximum number of headers.
    - Greater Than Count—Enter the maximum number of headers.
  - Response Header Length—Applies the regular expression match to the header of the response with length greater than the bytes specified.
    - Greater Than Length—Enter a header length value in bytes.
  - Response Header non-ASCII—Matches non-ASCII characters in the header of the response.
  - Response Status Line—Applies the regular expression match to the status line.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
**HTTP Inspect Map**

The HTTP Inspect Map dialog box is accessible as follows: Configuration > Global Objects > Inspect Maps > HTTP

The HTTP pane lets you view previously configured HTTP application inspection maps. An HTTP map lets you change the default configuration values used for HTTP application inspection.

HTTP application inspection scans HTTP headers and body, and performs various checks on the data. These checks prevent various HTTP constructs, content types, and tunneling and messaging protocols from traversing the security appliance. HTTP application inspection can block tunneled applications and non-ASCII characters in HTTP requests and responses, preventing malicious content from reaching the web server. Size limiting of various elements in HTTP request and response headers, URL blocking, and HTTP server header type spoofing are also supported.

Fields

- HTTP Inspect Maps—Table that lists the defined HTTP inspect maps.
- Add—Configures a new HTTP inspect map. To edit an HTTP inspect map, choose the HTTP entry in the HTTP Inspect Maps table and click Customize.
- Delete—Deletes the inspect map selected in the HTTP Inspect Maps table.
- Security Level—Select the security level (low, medium, or high).
  - Low—Default.
    - Protocol violation action: Drop connection
    - Drop connections for unsafe methods: Disabled
    - Drop connections for requests with non-ASCII headers: Disabled
    - URI filtering: Not configured
    - Advanced inspections: Not configured
  - Medium
    - Protocol violation action: Drop connection
    - Drop connections for unsafe methods: Allow only GET, HEAD, and POST
    - Drop connections for requests with non-ASCII headers: Disabled
    - URI filtering: Not configured
    - Advanced inspections: Not configured
  - High
    - Protocol violation action: Drop connection and log
    - Drop connections for unsafe methods: Allow only GET and HEAD
    - Drop connections for requests with non-ASCII headers: Enabled
    - URI filtering: Not configured
    - Advanced inspections: Not configured
  - URI Filtering—Opens the URI Filtering dialog box to configure URI filters.
  - Customize—Opens the Edit HTTP Policy Map dialog box for additional settings.
  - Default Level—Sets the security level back to the default level of Medium.
**URI Filtering**

The URI Filtering dialog box is accessible as follows: Configuration > Global Objects > Inspect Maps > HTTP > URI Filtering

The URI Filtering dialog box lets you configure the settings for a URI filter.

Fields

- Match Type—Shows the match type, which can be a positive or negative match.
- Criterion—Shows the criterion of the inspection.
- Value—Shows the value to match in the inspection.
- Action—Shows the action if the match condition is met.
- Log—Shows the log state.
- Add—Opens the Add URI Filtering dialog box to add a URI filter.
- Edit—Opens the Edit URI Filtering dialog box to edit a URI filter.
- Delete—Deletes a URI filter.
- Move Up—Moves an entry up in the list.
- Move Down—Moves an entry down in the list.

**Add/Edit HTTP Policy Map (Security Level)**

The Add/Edit HTTP Policy Map (Security Level) dialog box is accessible as follows: Configuration > Global Objects > Inspect Maps > HTTP > HTTP Inspect Map > Basic View

The Add/Edit HTTP Policy Map pane lets you configure the security level and additional settings for HTTP application inspection maps.

Fields

- Name—When adding an HTTP map, enter the name of the HTTP map. When editing an HTTP map, the name of the previously configured HTTP map is shown.
- Description—Enter the description of the HTTP map, up to 200 characters in length.
- Security Level—Select the security level (low, medium, or high).
  - Low—Default.
    - Protocol violation action: Drop connection
    - Drop connections for unsafe methods: Disabled
    - Drop connections for requests with non-ASCII headers: Disabled
    - URI filtering: Not configured
    - Advanced inspections: Not configured
  - Medium
    - Protocol violation action: Drop connection
    - Drop connections for unsafe methods: Allow only GET, HEAD, and POST
    - Drop connections for requests with non-ASCII headers: Disabled
    - URI filtering: Not configured
    - Advanced inspections: Not configured
  - High
    - Protocol violation action: Drop connection and log
    - Drop connections for unsafe methods: Allow only GET and HEAD
    - Drop connections for requests with non-ASCII headers: Enabled
    - URI filtering: Not configured
    - Advanced inspections: Not configured
  - URI Filtering—Opens the URI Filtering dialog box, which lets you configure the settings for a URI filter.
  - Default Level—Sets the security level back to the default.
- Details—Shows the Parameters and Inspections tabs to configure additional settings.

**Add/Edit HTTP Policy Map (Details)**

The Add/Edit HTTP Policy Map (Details) dialog box is accessible as follows: Configuration > Global Objects > Inspect Maps > HTTP > HTTP Inspect Map > Advanced View

The Add/Edit HTTP Policy Map pane lets you configure the security level and additional settings for HTTP application inspection maps.

Fields

- Name—When adding an HTTP map, enter the name of the HTTP map. When editing an HTTP map, the name of the previously configured HTTP map is shown.
- Description—Enter the description of the HTTP map, up to 200 characters in length.
- Security Level—Shows the security level and URI filtering settings to configure.
- Parameters—Tab that lets you configure the parameters for the HTTP inspect map.
  - Check for protocol violations—Checks for HTTP protocol violations.
    - Action—Drop Connection, Reset, Log.
    - Log—Enable or disable.
  - Spoof server string—Replaces the server HTTP header value with the specified string.
    - Spoof String—Enter a string to substitute for the server header field. Maximum is 82 characters.
  - Body Match Maximum—The maximum number of characters in the body of an HTTP message that should be searched in a body match. Default is 200 bytes. A large number will have a significant impact on performance.
- Inspections—Tab that shows you the HTTP inspection configuration and lets you add or edit.
  - Match Type—Shows the match type, which can be a positive or negative match.
  - Criterion—Shows the criterion of the HTTP inspection.
  - Value—Shows the value to match in the HTTP inspection.
  - Action—Shows the action if the match condition is met.
  - Log—Shows the log state.
  - Add—Opens the Add HTTP Inspect dialog box to add an HTTP inspection.
  - Edit—Opens the Edit HTTP Inspect dialog box to edit an HTTP inspection.
  - Delete—Deletes an HTTP inspection.
  - Move Up—Moves an inspection up in the list.
  - Move Down—Moves an inspection down in the list.

**Add/Edit HTTP Map**

The Add/Edit HTTP Map dialog box is accessible as follows: Configuration > Global Objects > Inspect Maps > HTTP > HTTP Inspect Map > Advanced View > Add/Edit HTTP Inspect

The Add/Edit HTTP Inspect dialog box lets you define the match criterion and value for the HTTP inspect map.

Fields

- Single Match—Specifies that the HTTP inspect has only one match statement.
- Match Type—Specifies whether traffic should match or not match the values. For example, if No Match is selected on the string “example.com,” then any traffic that contains “example.com” is excluded from the class map.
- Criterion—Specifies which criterion of HTTP traffic to match.
  - Request/Response Content Type Mismatch—Specifies that the content type in the response must match one of the MIME types in the accept field of the request.
  - Request Arguments—Applies the regular expression match to the arguments of the request.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request Body Length—Applies the regular expression match to the body of the request with field length greater than the bytes specified.
    - Greater Than Length—Enter a field length value in bytes that request field lengths will be matched against.
  - Request Body—Applies the regular expression match to the body of the request.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request Header Field Count—Applies the regular expression match to the header of the request with a maximum number of header fields.
    - Predefined—Specifies the request header fields: accept, accept-charset, accept-encoding, accept-language, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, expect, expires, from, host, if-match, if-modified-since, if-none-match, if-range, if-unmodified-since, last-modified, max-forwards, pragma, proxy-authorization, range, referer, te, trailer, transfer-encoding, upgrade, user-agent, via, warning.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Greater Than Count—Enter the maximum number of header fields.
  - Request Header Field Length—Applies the regular expression match to the header of the request with field length greater than the bytes specified.
    - Predefined—Specifies the request header fields: accept, accept-charset, accept-encoding, accept-language, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, expect, expires, from, host, if-match, if-modified-since, if-none-match, if-range, if-unmodified-since, last-modified, max-forwards, pragma, proxy-authorization, range, referer, te, trailer, transfer-encoding, upgrade, user-agent, via, warning.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Greater Than Length—Enter a field length value in bytes that request field lengths will be matched against.
  - Request Header Field—Applies the regular expression match to the header of the request.
    - Predefined—Specifies the request header fields: accept, accept-charset, accept-encoding, accept-language, allow, authorization, cache-control, connection, content-encoding, content-language, content-length, content-location, content-md5, content-range, content-type, cookie, date, expect, expires, from, host, if-match, if-modified-since, if-none-match, if-range, if-unmodified-since, last-modified, max-forwards, pragma, proxy-authorization, range, referer, te, trailer, transfer-encoding, upgrade, user-agent, via, warning.
    - Regular Expression—Lists the defined regular expressions to match.
    - Manage—Opens the Manage Regular Expressions dialog box, which lets you configure regular expressions.
    - Regular Expression Class—Lists the defined regular expression classes to match.
    - Manage—Opens the Manage Regular Expression Class dialog box, which lets you configure regular expression class maps.
  - Request Header Count—Applies the regular expression match to the header of the request with a maximum number of headers.
    - Greater Than Count—Enter the maximum number of headers.
  - Request Header Length—Applies the regular expression match to the header of the request with length greater than the bytes specified.
    - Greater Than Length—Enter a header length value in bytes.
  - Request Header non-ASCII—Matches non-ASCII characters in the header of the request.
  - Request Method—Applies the regular expression match to the method of the request.
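The security levels of the HTTP Inspect Map and the match criteria of the class map and inspect map dialog boxes describe checks that the inspection engine runs against each HTTP message. The Python model below is an added example, not Cisco's code and not what the ASA runs: it implements the Low, Medium and High settings listed on this page (protocol violation action, the unsafe-method allow list, the non-ASCII request header check) and four of the criteria (Request Method, Request Header Field Length, Request Header Field Count, Request/Response Content Type Mismatch), with the Match/No Match type applied as a negation. The request parser, the criterion names, the `allow`/`drop`/`drop-log` verdict strings, the treatment of a message with no Accept or Content-Type header, and every sample message are constructed for illustration.

```python
import re
from dataclasses import dataclass

REQUEST_LINE = re.compile(rb"^([A-Z]+) (\S+) HTTP/\d\.\d$")   # constructed grammar, illustration only

@dataclass
class HttpMessage:
    start_line: bytes
    headers: list      # (lower-cased name, value) pairs; duplicates are kept
    body: bytes

def parse_http(raw: bytes) -> HttpMessage:
    """Split a raw HTTP message; raise ValueError on a protocol violation."""
    if b"\r\n\r\n" not in raw:
        raise ValueError("headers not terminated")
    head, body = raw.split(b"\r\n\r\n", 1)
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        if b":" not in line:
            raise ValueError("malformed header line")
        name, value = line.split(b":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return HttpMessage(lines[0], headers, body)

# The Low/Medium/High settings listed under HTTP Inspect Map on this page.
SECURITY_LEVELS = {
    "low":    {"violation": "drop",     "methods": None,                       "non_ascii": False},
    "medium": {"violation": "drop",     "methods": {b"GET", b"HEAD", b"POST"}, "non_ascii": False},
    "high":   {"violation": "drop-log", "methods": {b"GET", b"HEAD"},          "non_ascii": True},
}

def inspect_request(raw: bytes, level: str) -> str:
    """Return 'allow', 'drop' or 'drop-log' for one request under a security level."""
    policy = SECURITY_LEVELS[level]
    try:
        msg = parse_http(raw)
        match = REQUEST_LINE.match(msg.start_line)
        if match is None:
            raise ValueError("malformed request line")
    except ValueError:
        return policy["violation"]                 # protocol violation action
    if policy["methods"] is not None and match.group(1) not in policy["methods"]:
        return "drop"                              # unsafe method
    if policy["non_ascii"] and any(b > 0x7F for n, v in msg.headers for b in n + v):
        return "drop"                              # non-ASCII request header
    return "allow"

@dataclass
class MatchCriterion:
    criterion: str          # which check criterion_hit() runs (constructed names)
    value: object           # bytes regex, (field name, limit) or None
    negate: bool = False    # ASDM "No Match": invert the result

def _accepts(accept_types, ctype):
    major = ctype.split(b"/")[0]
    return any(a in (b"*/*", ctype, major + b"/*") for a in accept_types)

def criterion_hit(c: MatchCriterion, req: HttpMessage, resp: HttpMessage = None) -> bool:
    """Evaluate one criterion; the Match Type is applied through c.negate."""
    if c.criterion == "request-method":
        hit = re.fullmatch(c.value, req.start_line.split(b" ", 1)[0]) is not None
    elif c.criterion == "request-header-field-length":
        name, limit = c.value
        hit = any(len(v) > limit for n, v in req.headers if n == name)
    elif c.criterion == "request-header-field-count":
        name, limit = c.value
        hit = sum(1 for n, _ in req.headers if n == name) > limit
    elif c.criterion == "content-type-mismatch":
        accept = [t.split(b";")[0].strip() for n, v in req.headers
                  if n == b"accept" for t in v.split(b",")]
        ctype = [v.split(b";")[0].strip() for n, v in resp.headers if n == b"content-type"]
        # Assumption: with no Accept or no Content-Type there is nothing to mismatch.
        hit = bool(accept and ctype) and not _accepts(accept, ctype[0])
    else:
        raise ValueError(f"unsupported criterion {c.criterion}")
    return hit != c.negate

def class_map_matches(criteria, req, resp=None, match_all=True) -> bool:
    """Combine criteria the way a match-all or match-any class map does."""
    results = [criterion_hit(c, req, resp) for c in criteria]
    return all(results) if match_all else any(results)

# Constructed sample traffic (not captured from any real host).
REQ_GET = (b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n"
           b"Accept: text/html, application/xhtml+xml\r\n\r\n")
REQ_PUT = b"PUT /upload HTTP/1.1\r\nHost: www.example.com\r\nContent-Length: 0\r\n\r\n"
REQ_NON_ASCII = b"GET / HTTP/1.1\r\nHost: www.example.com\r\nX-Note: caf\xc3\xa9\r\n\r\n"
REQ_BROKEN = b"GET / HTTP/1.1\r\nthis line is not a header\r\n\r\n"
REQ_COOKIES = b"GET / HTTP/1.1\r\nHost: www.example.com\r\nCookie: a=1\r\nCookie: b=2\r\n\r\n"
RESP_BINARY = b"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n\r\nMZ..."
RESP_HTML = b"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\n\r\n<html>"

if __name__ == "__main__":
    for name, raw in [("GET", REQ_GET), ("PUT", REQ_PUT), ("non-ASCII", REQ_NON_ASCII), ("broken", REQ_BROKEN)]:
        print(name, {lvl: inspect_request(raw, lvl) for lvl in SECURITY_LEVELS})
    mismatch = MatchCriterion("content-type-mismatch", None)
    print("binary body for an HTML Accept:", criterion_hit(mismatch, parse_http(REQ_GET), parse_http(RESP_BINARY)))
```

Running the file prints the verdict each level gives for the four constructed requests: the PUT passes at Low and is dropped at Medium and High, the request with a non-ASCII header is dropped only at High, and the malformed header line triggers the protocol violation action, which is drop at Low and Medium and drop-and-log at High. The content type mismatch criterion is the one check that needs both sides of the exchange, which is why the matcher takes the response as a second message.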