Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
744
Views
0
Helpful
1
Replies

Zone Based Firewall

usuario0001
Level 1
Level 1

‎09-22-2009 12:18 AM - edited ‎03-11-2019 09:18 AM

I have a site-to-site vpn with two 2811 Cisco Routers with 2 interfaces each

(LAN and WAN) and a GRE Tunnel.

I want to implement Zone Based Firewall and I have read several configurations to block P2P and Instant messaging, but each of them is for a specific applications, and I'd like to know if there is a way to block all of them or I have to block each individual protocol.

Best regards

Labels:
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎09-22-2009 12:56 PM

It would be a good idea to block P2P using NBAR. You can block IM using ZBF.

Some p2p like kazaa is a little tricky to block using ZBF.

Here is a link to block p2p using NBAR.

http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080ac3082.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card