Does an ASA inspect all TCP/UDP by default and only for ICMP we need to add the inspection rule? Or does it just inspect the protocols listed in the default inspection list here? I'm pretty sure it inspects http, rdp etc., which are not here in this list. So what does this list actually indicate? Also, the inspect-dns policy map... does it only inspect DNS packets less than 512B?
Also what do we mean by "default-inspection-traffic" ?
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect h323 h225
  inspect h323 ras
service-policy global_policy global
The ASA inspects TCP and UDP as well as the upper layer protocols in the list. So TCP/UDP inspection is at least one layer below all of the protocols in inspection_default. Many of those protocols have special needs or concerns so are enabled by default, but are also listed. TCP can be set not to be inspected by configuring TCP pass-thru.
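As an added illustration that is not part of the original thread, assuming an ASA with the factory-default class-map and policy-map names: the class that "default-inspection-traffic" refers to, the global policy with ICMP inspection added (it is matched by the class but not inspected until its own "inspect" line exists), and the commands to confirm what is actually being inspected.

```cisco
! Added example, not from the original post. Assumes the factory-default
! object names (inspection_default, global_policy, preset_dns_map).
!
! "default-inspection-traffic" is a built-in match that selects the standard
! port of every inspectable protocol (udp/53 for DNS, tcp/1720 for H.323 H.225,
! ICMP, and so on). It only catches traffic on those well-known ports; a
! protocol running on a non-standard port needs its own class-map.
class-map inspection_default
 match default-inspection-traffic
!
! DNS inspection map. "message-length maximum 512" does not limit which DNS
! packets get inspected: every DNS packet on udp/53 is inspected, and messages
! longer than 512 bytes are dropped.
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
!
! Global policy: one "inspect" line per application protocol. TCP/UDP
! connection state is tracked for all traffic regardless of this list; the
! list only adds application-layer inspection on top of that.
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect h323 h225
  inspect h323 ras
  ! The two lines below are the ICMP addition. "inspect icmp" tracks echo
  ! request/reply as a session so replies are only allowed for requests that
  ! left; "inspect icmp error" handles ICMP error messages (e.g. unreachable).
  inspect icmp
  inspect icmp error
!
service-policy global_policy global
!
! Verification (exec mode): list the active inspections with their packet
! counters, and show the policy as configured.
!   show service-policy global
!   show running-config policy-map
```

"show service-policy global" is the check that matters: an "inspect" line that does not appear there with a non-zero packet count is either not applied or not matching the class.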