09-17-2010 12:25 AM - edited 03-11-2019 11:41 AM
Hello Everyone,
I want to block my LAN Users from accessing IM websites such as yahoo messanger,Gtalk etc. & facebook also.
Can anyone tell me how can i do that ?
Thanks
09-17-2010 01:20 AM
Hi,
This link should help you:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml
Basically we will need to do all of this using MPF, Regex and http (deep packet) inspection. Let me know if this helps!!
Regards,
Prapanch
09-17-2010 02:31 AM
Keep in mind the following:
a) if your messengers are getting tunneled or encapsulated over port 443 then there is no way to block it, inspect IM only deals with native msn/yahoo msngr packets but if its encap'd over http than inspect http will be used
b)Inspect IM supports MSN Messenger 7.0 (Build 7.0.0816), Yahoo Messenger 7.0.0.437.
This was tested by one of our colleague Kureli, and it worked for MSN
Try this for MSN:
regex msn-messenger "^VER [1-9] MSNP[1-9]+.*\x0d\x0a.*MSNMSGR.*\x0d\x0a"
class-map type inspect http match-all http-msn
match request method post
match request body regex msn-messenger
policy-map type inspect http http-msn
class http-msn reset log
policy-map global_policy
class inspection_default
inspect http http-msn
Note that there is a space between VER and [1-9], and [1-9] and MSNP
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide