Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
0
Helpful
1
Replies

Can FWSM v 4.0x block IM and P2P somehow?

emgalanme
Level 1
Level 1

‎09-08-2011 06:48 PM - edited ‎03-11-2019 02:22 PM

Hello guys, i am kind of frustrated... i have always been able to block IM and some certain types of P2P with PIX and ASAs, but i was trying to insert that same MPF configuration into a FWSM and doesnt recognize the class-map type inspect im configuration... does anybody know if IM and P2P blocking is supported in FWSM?

Thanks a lot,

Emilio

Labels:
0 Helpful
1 Reply 1

Parminder Sian
Level 1
Level 1

‎09-12-2011 09:45 PM

Hi Emilio,

You may use the following configuration commands as an example, changing or adding information as you feel necessary.  This is just a base  configuration and may not suppress all P2P traffic as new applications

are discovered daily.

http-map inbound_http

content-length min 100 max 2000 action reset log

content-type-verification match-req-rsp action reset log

max-header-length request 100 action reset log

max-uri-length 100 action reset log

port-misuse p2p action drop

port-misuse im action drop

port-misuse default action allow

class-map http-port

match port tcp eq www

policy-map inbound_policy

class http-port

  inspect http inbound_http

service-policy inbound_policy interface outside

Hope this helps,

Sian

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card