cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

497
Views
0
Helpful
1
Replies
Highlighted
Beginner

Can FWSM v 4.0x block IM and P2P somehow?

Hello guys, i am kind of frustrated... i have always been able to block IM and some certain types of P2P with PIX and ASAs, but i was trying to insert that same MPF configuration into a FWSM and doesnt recognize the class-map type inspect im configuration... does anybody know if IM and P2P blocking is supported in FWSM?

Thanks a lot,

Emilio

1 REPLY 1
Highlighted
Beginner

Can FWSM v 4.0x block IM and P2P somehow?

Hi Emilio,

You may use the following configuration commands as an example, changing or adding information as you feel necessary.  This is just a base  configuration and may not suppress all P2P traffic as new applications

are discovered daily.

http-map inbound_http

content-length min 100 max 2000 action reset log

content-type-verification match-req-rsp action reset log

max-header-length request 100 action reset log

max-uri-length 100 action reset log

port-misuse p2p action drop

port-misuse im action drop

port-misuse default action allow

class-map http-port

match port tcp eq www

policy-map inbound_policy

class http-port

  inspect http inbound_http

service-policy inbound_policy interface outside

Hope this helps,

Sian