Block TeamViewer on Cisco ASA 5520 8.2

Ibrahim Jamil
Level 6

Hi Experts

I have the below policy-map in my firewall. According to this policy map, how can I block TeamViewer via the ASA 5520? I don't want the outside users to connect using TeamViewer to their servers, which are already set up for TeamViewer actions.

I want to allow only 1 IP address to use TeamViewer (172.30.30.100).

class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect h323 h225
  inspect sqlnet
  inspect netbios
  inspect tftp
  inspect sip
  inspect ftp
!
service-policy global_policy global

thanks

jamil

7 Replies

Hi Jamil

Block port 5938 on the firewall! That can help.

Regards

Fareed

Hi

Where to apply the ACL? Inside or outside? Please mention the syntax.

thanks

Inside. 

That won't work. TeamViewer is designed to work through firewalls and proxies:

http://www.teamviewer.com/en/help/9-Does-it-work-behind-firewalls-proxy-server-and-NAT-routers.aspx

http://www.teamviewer.com/en/help/334-Which-ports-are-used-by-TeamViewer.aspx

The following could work:

1) Block all TeamViewer IPs for your network.

2) Restrict the outgoing traffic and send everything through a proxy which also can inspect SSL. There you should be able to filter on the communication.

Hi Karstein

Please provide me the full configuration to block TeamViewer, along with the verification.

thanks

Hi Bro

TeamViewer (TV) is an application used to create a remote access connection to a PC anywhere, even if the PC is located behind a firewall. The TV client uses port 80 for the outbound connection, so it is difficult to block on a port basis. So, because the TV client must be connected first to the TV server, we can use another approach, that is, blocking every DNS request for *.teamviewer.com and/or *.dyngate.com.

So, this is the configuration if we use a Cisco ASA firewall (I am using OS ver 8.x):

regex TV-RGX "\.teamviewer\.com"
regex DG-RGX "\.dyngate\.com"
class-map type regex match-any TV-CLS
 match regex DG-RGX
 match regex TV-RGX
policy-map type inspect dns TV-PLC
 parameters
  message-length maximum 512
 match domain-name regex class TV-CLS
  drop
policy-map global_policy
 class inspection_default
  inspect dns TV-PLC
service-policy global_policy global

P/S: If you think this comment is useful, please do rate them nicely :-)

Warm regards,
Ramraj Sivagnanam Sivajanam
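
A way to check the DNS-based approach from the reply above against resolver query logs, as an added example that is not part of the original thread or any poster's configuration. It applies the two regexes from the posted config and reports clients other than 172.30.30.100 that look up matching names; the log format, the sample lines and the case/trailing-dot normalisation are assumptions made for illustration.

```python
import re
from collections import defaultdict

# The two patterns from the ASA config in the post above.
PATTERNS = [re.compile(r"\.teamviewer\.com"), re.compile(r"\.dyngate\.com")]
ALLOWED_CLIENT = "172.30.30.100"  # the one host the thread wants to exempt

# Constructed sample lines in an assumed "<time> <client-ip> query <qname>" format.
SAMPLE_LOG = """\
10:00:01 172.30.30.100 query master1.teamviewer.com
10:00:02 172.30.30.55 query router3.teamviewer.com
10:00:03 172.30.30.55 query www.example.org
10:00:04 172.30.30.77 query ping3.dyngate.com.
10:00:05 172.30.30.77 query Server7.TeamViewer.com
10:00:06 172.30.30.90 query teamviewer.com
malformed line
"""

def matches_policy(qname):
    """True if the query name matches either regex from the posted class-map."""
    # Assumption: lower-case the name and drop the trailing root dot first,
    # since DNS names are case-insensitive and may be written fully qualified.
    name = qname.rstrip(".").lower()
    return any(p.search(name) for p in PATTERNS)

def audit(log_text, allowed=ALLOWED_CLIENT):
    """Return {client_ip: [qnames]} for matching queries from non-exempt clients."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] != "query":
            continue  # not in the assumed format, skip
        _, client, _, qname = parts
        if client != allowed and matches_policy(qname):
            hits[client].append(qname)
    return dict(hits)

if __name__ == "__main__":
    # The bare name "teamviewer.com" has no leading dot, so the patterns as
    # written do not match it and 172.30.30.90 is not reported.
    for client, names in audit(SAMPLE_LOG).items():
        print(client, "->", ", ".join(names))
```
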

Thanks
