I would like to ask how to block torrent traffic on asa 5510?
I tried to this config. but didn't work. any idea??
object-group service Blocked-UDP-Ports udp
description All ports blocked for Bit Torrent UDP
port-object range 10001 65535
port-object range 1024 1193
port-object range 1195 9999
object-group service BitTorrent-Tracker tcp
description TCP Ports used by Bit Torrent for tracker communication
port-object eq 2710
port-object range 6881 6999
access-list inside_access_in extended deny udp any any object-group Blocked-UDP-Ports log warnings inactive
access-list inside_access_in extended deny tcp any any object-group BitTorrent-Tracker log warnings inactive
Thank you in advance
I think the configuration that you have pasted covers most of the common ports.
Still , I think it is difficult to block this application using the ACL alone.
Although , the ports that you have blocked might also cause some other things not to work as the range is quite wide.
If you are okay with these ranges being blocked , I would recommend you to follow the reactive approach and try to enable debug syslog on ASDM and test the torrent traffic and simultaneously filter the logs on the ASDM to see which ports are being used and then add them to the ACL.
Thanks and Regards,
You're right. So complicated regards with those ports some of my application won't work when I enable on inside interface I'm experiencing network issues. Hahaha..
But for now I usegp gp on server side to disable it but it's too easy to bypass.
How about disabling p2p??
And how about teamviewer is it possible with acl port 5...?
These application uses the random Dynamic ports and that is the reason they are hard to block using a static ACL policy.
I think if you try to block a wide range of ports that might affect the other traffic so i would recommend against it.
I would suggest to go for a smarter solution like a external module which is specifically made for this requirement.
Thanks and Regards,