Verifying and monitoring gtp inspection – Cisco ASA 5505 User Manual

Page 954

Advertising
background image

46-8

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 46 Configuring Inspection for Management Application Protocols

GTP Inspection

The request keyword specifies the maximum period of time allowed before beginning to receive the
GTP message.

The signaling keyword specifies the period of inactivity after which the GTP signaling will be
removed.

The tunnel keyword specifies the period of inactivity after which the GTP tunnel will be torn down.

The hh:mm:ss argument is the timeout where hh specifies the hour, mm specifies the minutes, and
ss specifies the seconds. The value 0 means never tear down.

j.

To specify the maximum number of GTP tunnels allowed to be active on the ASA, enter the
following command:

hostname(config-gtp-map)# tunnel-limit max_tunnels

where the max_tunnels argument is the maximum number of tunnels allowed, from 1 to
4294967295. The default is 500.

New requests will be dropped once the number of tunnels specified by this command is reached.

The following example shows how to limit the number of tunnels in the network:

hostname(config)# policy-map type inspect gtp gmap

hostname(config-pmap)# parameters

hostname(config-pmap-p)# tunnel-limit 3000

hostname(config)# policy-map global_policy

hostname(config-pmap)# class inspection_default

hostname(config-pmap-c)# inspect gtp gmap

hostname(config)# service-policy global_policy global

Verifying and Monitoring GTP Inspection

To display GTP configuration, enter the show service-policy inspect gtp command in privileged EXEC
mode. For the detailed syntax for this command, see the command page in the command reference.

Use the show service-policy inspect gtp statistics command to show the statistics for GTP inspection.
The following is sample output from the show service-policy inspect gtp statistics command:

hostname# show service-policy inspect gtp statistics

GPRS GTP Statistics:

version_not_support 0 msg_too_short 0

unknown_msg 0 unexpected_sig_msg 0

unexpected_data_msg 0 ie_duplicated 0

mandatory_ie_missing 0 mandatory_ie_incorrect 0

optional_ie_incorrect 0 ie_unknown 0

ie_out_of_order 0 ie_unexpected 0

total_forwarded 0 total_dropped 0

signalling_msg_dropped 0 data_msg_dropped 0

signalling_msg_forwarded 0 data_msg_forwarded 0

total created_pdp 0 total deleted_pdp 0

total created_pdpmcb 0 total deleted_pdpmcb 0

pdp_non_existent 0

You can use the vertical bar (|) to filter the display. Type ?| for more display filtering options.

The following is sample GSN output from the show service-policy inspect gtp statistics gsn command:

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals