07-31-2012 10:43 AM - edited 03-11-2019 04:36 PM
Hello Gus,
We have many clients who are misusing our company bandwidth by downloading files through BitTorrent and download managers. I tried a lot to block it but no luck.
Can anyone instruct me on how to block them on an ASA device?
07-31-2012 04:20 PM
You don't block them in the ASA.
You can use AD to block applications like BitTorrent and DM from running.
08-01-2012 02:05 AM
Hi,
You can block BitTorrent.
http://wiki.wireshark.org/BitTorrent ---> you can use this guide for the TCP ports.
Port range for BitTorrent:
BitTorrent uses TCP to transfer files and UDP for searching. It will use port 80 if the default TCP ports 6881-6889, 6969 and 8080 cannot be reached. Some BitTorrent clients also support HTTP downloading. To completely block BT, please block UDP ports 1024-65534 in your router.
Then make an ACL based on that and apply it.
Do rate if helpful.
Nitesh
08-02-2012 12:03 AM
It is not working.
Aren't there any other ways to block it through the ASA? I don't have AD.
08-02-2012 12:29 AM
Hi Iram,
! Regex used by the HTTP inspection class below. The bracket classes spell out
! both cases, and "info_hash=" is the query argument a BitTorrent client sends
! in an HTTP tracker announce.
regex bit-torrent-tracker ".*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*"
! Port object-groups. Nothing in this snippet references them yet; they only
! take effect once an access-list uses them and that list is applied to an
! interface with access-group.
object-group service BitTorrent-Tracker tcp
 description TCP Ports used by Bit Torrent for tracker communication
 port-object eq 2710
 port-object eq 6969
object-group service Blocked-UDP-Ports udp
 description All ports blocked for Bit Torrent UDP DHT (all ephemeral ports except VPN encapsulation)
 port-object range 10001 65535
 port-object range 1024 9999
! UDP 10000 (the ASA's default IPsec-over-UDP port) is deliberately left out of
! the two ranges above.
! match-all: a request is in this class only if it is a GET AND its arguments
! match the regex.
class-map type inspect http match-all bit-torrent-tracker
 description Bit Torrent Tracker communication
 match request args regex bit-torrent-tracker
 match request method get
policy-map type inspect http Drop-P2P
 description Drop protocol violations, Kazaa, gator and Bit Torrent Tracker traffic
 parameters
  protocol-violation action log
 ! _default_gator and _default_kazaa are HTTP inspection class-maps the ASA
 ! ships with; only bit-torrent-tracker is defined here.
 class _default_gator
  drop-connection log
 class _default_kazaa
  drop-connection log
 class bit-torrent-tracker
  drop-connection log
! Attach the HTTP inspection policy to the default global policy (on a default
! configuration global_policy is already applied with
! "service-policy global_policy global").
policy-map global_policy
 class inspection_default
  inspect http Drop-P2P
Thanks,
Nitesh
Please rate if helpful
08-02-2012 01:31 AM
It is not working.
08-02-2012 01:40 AM
Did you apply the policy map, or did you just copy and paste the configuration on top?
08-02-2012 01:52 AM
object-group service Blocked-UDP-Ports udp
 description All ports blocked for Bit Torrent UDP DHT (all ephemeral ports except VPN encapsulation)
 port-object range 10001 65535
 port-object range 1024 9999
object-group service BitTorrent-Tracker tcp
 description TCP Ports used by Bit Torrent for tracker communication
 port-object eq 2710
 port-object range 6881 6999
! The object-group after "any any" is the destination port set. "log warnings"
! logs hits at syslog level warnings.
! "inactive" keeps an entry in the configuration but disabled: with it present
! these two deny entries match nothing. Remove the keyword to enforce them.
access-list inside_access_in extended deny udp any any object-group Blocked-UDP-Ports log warnings inactive
access-list inside_access_in extended deny tcp any any object-group BitTorrent-Tracker log warnings inactive
access-list inside_access_in extended permit tcp any any
! Only TCP is permitted above; UDP not matched by the first entry falls to the
! implicit deny at the end of the list (DNS on UDP/53 included), so add a
! permit for the UDP the inside hosts need.
! Apply the list inbound on the inside interface (assumes the interface is
! named "inside").
access-group inside_access_in in interface inside
Apply the access list on the inside interface. It might need modifications depending on your configuration; it is just a sample configuration.
regex bit-torrent-tracker ".*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*"
! match-all: a request is in this class only if it is a GET AND its arguments
! match the regex.
class-map type inspect http match-all bit-torrent-tracker
 description Bit Torrent Tracker communication
 match request args regex bit-torrent-tracker
 match request method get
policy-map type inspect http Drop-P2P
 description Drop protocol violations Bit Torrent Tracker traffic
 parameters
  protocol-violation action log
 class bit-torrent-tracker
  drop-connection log
! Attach the HTTP inspection policy to the default global policy.
policy-map global_policy
 class inspection_default
  inspect http Drop-P2P
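As an added example, not code from this thread or from Cisco, here is a Python model of the two mechanisms the two configurations above rely on: the `match-all bit-torrent-tracker` HTTP inspection class (GET method plus the `info_hash=` regex over the request arguments) and the `inside_access_in` ACL with its port object-groups, implicit deny, and `inactive` keyword. The request lines and flows are constructed for the example; the `permit udp any any` entry that `build_acl` can append is my own hypothetical addition, not part of the posted ACL.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Same expression as the ASA "regex bit-torrent-tracker" line. The bracket
# classes spell out both cases, so no IGNORECASE flag is needed.
TRACKER_ARGS_RE = re.compile(r".*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*")


def http_inspect_verdict(request_line: str) -> str:
    """Model of the 'match-all bit-torrent-tracker' HTTP inspection class.

    Both conditions must hold: the method is GET and the request arguments
    (the query string) match the info_hash regex. Returns "drop" or "pass".
    """
    try:
        method, target, _version = request_line.split(" ", 2)
    except ValueError:
        return "pass"  # not a well-formed request line; this class does not apply
    args = urlsplit(target).query
    if method == "GET" and TRACKER_ARGS_RE.match(args):
        return "drop"
    return "pass"


@dataclass(frozen=True)
class Ace:
    """One access-control entry: action, protocol, destination port ranges."""
    action: str            # "permit" or "deny"
    proto: str             # "tcp" or "udp"
    dst_ports: tuple       # ((lo, hi), ...); empty tuple means any port
    active: bool = True    # False models the ASA "inactive" keyword


BLOCKED_UDP = ((10001, 65535), (1024, 9999))  # object-group Blocked-UDP-Ports
TRACKER_TCP = ((2710, 2710), (6881, 6999))    # object-group BitTorrent-Tracker


def build_acl(active: bool = True, permit_other_udp: bool = False) -> list:
    """Build inside_access_in as posted (three entries, in order).

    permit_other_udp=True appends a hypothetical "permit udp any any" that is
    NOT in the post; it is here only to show what the port ranges alone do.
    """
    acl = [
        Ace("deny", "udp", BLOCKED_UDP, active),
        Ace("deny", "tcp", TRACKER_TCP, active),
        Ace("permit", "tcp", ()),
    ]
    if permit_other_udp:
        acl.append(Ace("permit", "udp", ()))
    return acl


def acl_verdict(acl: list, proto: str, dst_port: int) -> str:
    """First-match evaluation with the implicit deny at the end of an ASA ACL."""
    for ace in acl:
        if not ace.active or ace.proto != proto:
            continue
        if ace.dst_ports and not any(lo <= dst_port <= hi for lo, hi in ace.dst_ports):
            continue
        return ace.action
    return "deny"


# Constructed sample request lines (not captured from the poster's network).
SAMPLE_REQUESTS = [
    "GET /announce?info_hash=%12%34%56&peer_id=-AZ2060-abcdef&port=6881 HTTP/1.1",
    "GET /announce?INFO_HASH=%12%34%56 HTTP/1.0",   # upper case still matches
    "GET /search?q=info_hash HTTP/1.1",             # no "info_hash=" argument
    "POST /announce?info_hash=%12%34%56 HTTP/1.1",  # not a GET: match-all fails
]


def summarize() -> dict:
    """Run both models over the constructed samples; returns a verdict map."""
    out = {req: http_inspect_verdict(req) for req in SAMPLE_REQUESTS}
    posted = build_acl()
    with_udp = build_acl(permit_other_udp=True)
    inactive = build_acl(active=False, permit_other_udp=True)
    out["udp/53 as posted"] = acl_verdict(posted, "udp", 53)
    out["udp/53 with permit udp"] = acl_verdict(with_udp, "udp", 53)
    out["udp/6881 with permit udp"] = acl_verdict(with_udp, "udp", 6881)
    out["udp/10000 with permit udp"] = acl_verdict(with_udp, "udp", 10000)
    out["udp/4500 with permit udp"] = acl_verdict(with_udp, "udp", 4500)  # NAT-T
    out["udp/6881 inactive"] = acl_verdict(inactive, "udp", 6881)
    out["tcp/6969 inactive"] = acl_verdict(inactive, "tcp", 6969)
    return out


if __name__ == "__main__":
    for key, verdict in summarize().items():
        print(f"{verdict:6}  {key}")
```

Running it shows four things a practitioner would check before concluding the policy "is not working": the inspection class drops a tracker announce regardless of the case of `info_hash`, but it never sees UDP trackers or DHT, which is why the UDP entry in the ACL exists; as posted, the ACL has no UDP permit, so every UDP flow from the inside (DNS on 53 included) hits the implicit deny; with `inactive` on the two deny entries they match nothing, so P2P ports are permitted; and NAT-T (UDP 4500) sits inside the 1024-9999 range, so IPsec clients behind the ASA that need NAT-T are blocked even though 10000 was carved out.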