Does an ASA inspect all TCP/UDP by default, and only for ICMP do we need to add the inspection rule? Or does it just inspect the protocols listed in the default inspection list here? I'm pretty sure it inspects HTTP, RDP, etc., which are not in this list. So what does this list actually indicate? Also, the inspect-dns policy map... does it only inspect DNS packets less than 512B?
Also, what do we mean by "default-inspection-traffic"?
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
service-policy global_policy global
The ASA inspects TCP and UDP as well as the upper layer protocols in the list. So TCP/UDP inspection is at least one layer below all of the protocols in inspection_default. Many of those protocols have special needs or concerns so are enabled by default, but are also listed. TCP can be set to not be inspected by configuring TCP pass-thru.
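As an added example (not part of the original thread and not Cisco tooling), the Python below parses the configuration quoted in the question and reports which application inspection engines the globally applied policy enables, whether `inspect icmp` is among them, and the DNS message-length limit. The function names and the `wanted` parameter are hypothetical, and the parser only understands the commands that appear in that configuration.

```python
# Added example, not Cisco tooling: lists the inspection engines a config binds globally.
ENGINES = ("dns preset_dns_map|ftp|h323 h225|h323 ras|rsh|rtsp|esmtp|sqlnet|"
           "skinny|sunrpc|xdmcp|sip|netbios|tftp")
# SAMPLE rebuilds the configuration quoted in the question.
SAMPLE = ("class-map inspection_default\n match default-inspection-traffic\n"
          "policy-map type inspect dns preset_dns_map\n parameters\n"
          "  message-length maximum 512\n"
          "policy-map global_policy\n class inspection_default\n"
          + "".join(f"  inspect {e}\n" for e in ENGINES.split("|"))
          + "service-policy global_policy global\n")


def parse(config):
    """Return (policies, dns_limits, applied) parsed from ASA policy configuration text."""
    policies, dns_limits, applied = {}, {}, {}
    policy = cls = dns_map = None
    for raw in config.splitlines():
        w = raw.split()
        if not w:
            continue
        if not raw[0].isspace():  # a top-level command ends the previous block
            policy = cls = dns_map = None
            if w[:4] == ["policy-map", "type", "inspect", "dns"] and len(w) == 5:
                dns_map = w[4]
                dns_limits[dns_map] = None
            elif w[0] == "policy-map" and len(w) == 2:
                policy = w[1]
                policies[policy] = {}
            elif w[0] == "service-policy" and len(w) >= 3:
                applied[w[1]] = " ".join(w[2:])
        elif dns_map and w[:2] == ["message-length", "maximum"] and len(w) == 3 and w[2].isdigit():
            dns_limits[dns_map] = int(w[2])
        elif policy and w[0] == "class" and len(w) == 2:
            cls = w[1]
            policies[policy][cls] = []
        elif policy and cls and w[0] == "inspect" and len(w) >= 2:
            policies[policy][cls].append(" ".join(w[1:]))
    return policies, dns_limits, applied


def audit(config, wanted=("icmp",)):
    """Return (globally inspected engines, wanted engines absent, DNS length limits)."""
    policies, dns_limits, applied = parse(config)
    engines = [e for name, scope in applied.items() if scope == "global"
               for lst in policies.get(name, {}).values() for e in lst]
    present = {e.split()[0] for e in engines}
    return engines, [p for p in wanted if p not in present], dns_limits


if __name__ == "__main__":
    print(audit(SAMPLE))
```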