03-18-2007 02:50 AM - edited 03-10-2019 03:31 AM
Hi all,
I have an ASA with an AIP card. Users are using lots of P2P applications and tunneling software, and because of that my internet bandwidth gets choked and I have to restart the ASA. I want to block P2P applications and tunneling. Is it possible ...
Kindly help me..
Regards
03-18-2007 06:50 PM
Seth,
I saw you have been asking this question for quite some time (with no replies), and what you want to do is something I have been wanting to do, so I opened a ticket with TAC, and below is the response from the TAC tech. It at least will get us both started. From TAC:
"Hello Paul,
My name is Andrew and I will be the TAC engineer, working with you on this case. The following IPS signatures are designed to block P2P traffic:
http://tools.cisco.com/MySDN/Intelligence/viewThreat.x?threatId=3794
You can configure these signatures to drop the unwanted traffic when it traverses the IPS module. An alternative solution would be to configure an HTTP Inspection map on the ASA. For instance, the following map will block HTTP tunnelled traffic over port TCP/80 recording each attempt to pass such traffic in the logs:
! Select TCP/80 traffic for HTTP inspection
class-map HTTP_TRAFFIC
 match port tcp eq 80
! Drop and log connections that match the listed _default_* classes
policy-map type inspect http BLOCK_P2P
 class _default_gator
  drop-connection log
 class _default_kazaa
  drop-connection log
 class _default_http-tunnel
  drop-connection log
 class _default_gnu-http-tunnel
  drop-connection log
 class _default_httport-tunnel
  drop-connection log
 class _default_firethru-tunnel
  drop-connection log
! Attach the HTTP inspection map to the selected traffic and apply it globally
policy-map global_policy
 class HTTP_TRAFFIC
  inspect http BLOCK_P2P
service-policy global_policy global
Please let me know if you have any more questions. Should you need assistance outside of my normal hours, please call TAC Hotline at 1-800-553-2447. Thanks!"
03-19-2007 12:37 AM
Thank you very much for such a specific and clear response.
Regards