
ASA-SSM and P2P inspection

kirvin1
Level 1

I manage an ASA 5520 with an ASA-SSM module at our university. The ASA-SSM-10 works well in detecting P2P traffic. When P2P is detected, the firewall is configured to deny the attacker Internet access for 1 hour. The "attacker" in our case would be the internal device initiating the P2P traffic. So, the IPS will put our internal users in the "denied attacker" list. Which is the way we want it; to preserve our ISP bandwidth.

Frequently new users come onto campus with P2P applications running and wonder why they can't get on the Internet.

However, I would like to know a method of redirecting the denied "attacker" to a web page that alerts them to the fact they have been denied and offers solutions for them to gain Internet access on their own rather than calling the helpdesk. I have not been able to find a solution in the documentation.

1 Reply

Hello Kirvin1,

The IPS itself does not have this functionality. Have you considered only blocking the P2P traffic while allowing all other traffic to continue? That should reduce the number of support calls and hopefully cause the students to deduce what is not allowed.

Thank you,

Blayne

Sent from Cisco Technical Support iPhone App
