
Blocking Peer-to-Peer File Sharing Programs

eseider
Level 1

Following the Cisco recommended guidelines, I appear to be blocking legit traffic to our web servers with FastTrack and Gnutella ports. Any ideas around this problem?

Example:

Class Map match-any p2p (id 2)

Match protocol fasttrack file-transfer "*"

Match protocol gnutella file-transfer "*"

Policy Map block-p2p

class p2p

set ip dscp 1

Access-List

deny ip any any dscp 1 log-input (746 matches)

Log

Jun 16 10:31:04 L0.core3.900walnut.net 809: Jun 16 10:31:03 CDT: %SEC-6-IPACCESSLOGP: list outbound denied tcp 209.96.51.7(80) (FastEthernet0/0 0010.ffe8.9808) -> 65.234.44.33(1214), 4 packets

Jun 16 10:31:16 L0.core1.900walnut.net 15014: Jun 16 10:31:15 CDT: %SEC-6-IPACCESSLOGP: list outbound denied tcp 209.96.51.23(80) (FastEthernet0/1/0 00e0.3499.e800) -> 65.69.94.106(5634), 1 packet

1 Reply

gfullage
Cisco Employee

Already answered in Security - Firewalling forum.
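
Both log entries in the original post show denied packets whose source port is 80, i.e. traffic leaving the web servers. The following is an added example, not part of the thread or Cisco's own code: it parses `%SEC-6-IPACCESSLOGP` lines and totals denied packets sourced from server ports separately from all other denies. The names `triage_denies` and `server_ports` and the third sample line (documentation addresses) are assumptions made for illustration.

```python
import re
from collections import Counter

# First two lines are the log entries quoted in the post; the third is a
# constructed entry (documentation addresses) with a non-server source port.
SAMPLE = """\
Jun 16 10:31:04 L0.core3.900walnut.net 809: Jun 16 10:31:03 CDT: %SEC-6-IPACCESSLOGP: list outbound denied tcp 209.96.51.7(80) (FastEthernet0/0 0010.ffe8.9808) -> 65.234.44.33(1214), 4 packets
Jun 16 10:31:16 L0.core1.900walnut.net 15014: Jun 16 10:31:15 CDT: %SEC-6-IPACCESSLOGP: list outbound denied tcp 209.96.51.23(80) (FastEthernet0/1/0 00e0.3499.e800) -> 65.69.94.106(5634), 1 packet
Jun 16 10:32:00 host.example 1: Jun 16 10:31:59 CDT: %SEC-6-IPACCESSLOGP: list outbound denied tcp 192.0.2.10(3345) (FastEthernet0/0 0000.5e00.5301) -> 198.51.100.20(1214), 2 packets
"""

# The "(interface mac)" group only appears when the ACE uses log-input.
LINE_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>denied|permitted) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)\((?P<sport>\d+)\) "
    r"(?:\((?P<intf>\S+) (?P<mac>[0-9a-f.]+)\) )?-> "
    r"(?P<dst>[\d.]+)\((?P<dport>\d+)\), (?P<count>\d+) packets?"
)

def parse_line(line):
    """Return the fields of one IPACCESSLOGP entry, or None if no match."""
    m = LINE_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("sport", "dport", "count"):
        rec[key] = int(rec[key])
    return rec

def triage_denies(lines, server_ports=(80,)):
    """Split denied packet counts into server replies and everything else."""
    replies, other = Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["action"] != "denied":
            continue
        if rec["sport"] in server_ports:
            # Keyed by server address and the client port it was answering.
            replies[(rec["src"], rec["dport"])] += rec["count"]
        else:
            other += rec["count"]
    return replies, other

if __name__ == "__main__":
    replies, other = triage_denies(SAMPLE.splitlines())
    for (src, dport), pkts in replies.most_common():
        print(f"server {src}:80 -> client port {dport}: {pkts} denied")
    print(f"other denied packets: {other}")
```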