11-13-2009 04:08 PM - edited 03-11-2019 09:39 AM
Hey guys,
I am trying to use ASA to block P2P download. I did find this link and I tested it but it's not blocking my Bitcomet download...
The page said that "The ASA can block P2P type applications only if P2P traffic is being tunneled through HTTP". However when I am using my wireshark to monitor the traffic I only see UDP and TCP, not HTTP... I guess that's why it's not working.
Then I checked more on the internet and seems I need to buy a AIP-SSM or CSC-SSM module to block the P2P. Is this true? If it's true, which one should I use? Or do you have another way to block P2P with just the ASA itself? Thanks a lot!
11-15-2009 08:32 AM
This is correct, the regex classes in this example work by blocking HTTP requests. You could block someone from going to www.thepiratebay.com for example but it wouldn't work if they already have a torrent running.
I don't know about the AIP module but the CSC module can only filter on HTTP, FTP, SMTP and POP traffic so you wouldn't be able to filter bit torrent layer 7 traffic.
11-16-2009 03:02 PM
Thank you Plumbis!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide