01-14-2011 03:15 AM - edited 03-11-2019 12:35 PM
Hi,
I have a couple of Cisco 1811 IOS routers and I'm looking for a way to block P2P and instant messaging traffic on my networks. I understand there are different ways to do that, but I'm absolutely not sure what the right way is.
I tried to configure "ip inspect" rules but it didn't work at all. I also read about NBAR but then read a comment about it being "too old" to approach today's P2P techniques.
Basically I have 4 sites, each site has a single LAN configured as a VLAN interface. I need to configure firewalling to block everything except HTTP/S, DNS, ICMP, FTP, SMTP and NTP. I also need to make sure that VPN traffic is not affected by firewall rules.
I don't have access to my router configs from my current location, I will attach them later to this post.
Any help on how to accomplish my task would be greatly appreciated.
kind regards,
Sebastian
01-14-2011 05:01 AM
Hi,
I suggest that you have a look at configuring Zone Based Firewalls (ZBF).
See below a design guide
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml
See below allowing VPN traffic through a ZBF
See below a link describing the differences between a Classic IOS firewall and ZBF
See also a sample config of a ZBF
http://www.dslreports.com/faq/15839
Please remember to rate all posts that are helpful
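A sketch of the kind of Zone Based Firewall policy the answer points to, fitted to the requirements in the question (added example, not part of the original posts or the linked guides). The zone names, interface names and the two site subnets are assumptions, and it assumes the site-to-site VPN is an IPsec crypto map on the WAN interface.

```cisco
! Constructed example: names, interfaces and subnets are placeholders.
! Site-to-site traffic (local 192.168.10.0/24, remote 192.168.20.0/24 assumed)
ip access-list extended ACL-VPN-OUT
 permit ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
ip access-list extended ACL-VPN-IN
 permit ip 192.168.20.0 0.0.0.255 192.168.10.0 0.0.0.255
!
! Allow-list from the question: HTTP/S, DNS, ICMP, FTP, SMTP, NTP
class-map type inspect match-any CM-ALLOWED
 match protocol http
 match protocol https
 match protocol dns
 match protocol icmp
 match protocol ftp
 match protocol smtp
 match protocol ntp
class-map type inspect match-all CM-VPN-OUT
 match access-group name ACL-VPN-OUT
class-map type inspect match-all CM-VPN-IN
 match access-group name ACL-VPN-IN
!
! VPN class comes first so tunnel traffic is never matched by the allow-list
policy-map type inspect PM-LAN-TO-WAN
 class type inspect CM-VPN-OUT
  pass
 class type inspect CM-ALLOWED
  inspect
 class class-default
  drop log
! Decrypted VPN traffic arrives in the WAN zone; pass is stateless, so both
! directions need an explicit class
policy-map type inspect PM-WAN-TO-LAN
 class type inspect CM-VPN-IN
  pass
 class class-default
  drop
!
zone security LAN
zone security WAN
zone-pair security ZP-LAN-WAN source LAN destination WAN
 service-policy type inspect PM-LAN-TO-WAN
zone-pair security ZP-WAN-LAN source WAN destination LAN
 service-policy type inspect PM-WAN-TO-LAN
!
! No zone-pair uses the self zone, so IKE/ESP to the router is left unfiltered
interface Vlan1
 zone-member security LAN
interface FastEthernet0
 zone-member security WAN
```

Anything from the LAN that is not site-to-site traffic and does not match one of the listed protocols falls into `class-default` and is dropped and logged, which is how traffic outside the allow-list is blocked under this policy.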