01-11-2002 11:07 AM - edited 03-08-2019 09:33 PM
I am using PIX515R as Firewall. Recently more and more users listen radio through Internet. Do you have know how to block users to listen radio through Internet?
Thanks.
01-11-2002 06:58 PM
Create an access-list applied to the inside interface with access-group command. Permit only the trafic you want, ie http, smtp, dns, etc. This way, your users shouldn't be able to start radio channels.
Benoit
01-14-2002 10:33 AM
Hi, bdube, thanks for your email. I have the same idea to do it, but do you know what service such as HTTP, FTP, does radio use? Thanks in advance.
01-14-2002 11:51 AM
There are many services today which pipe radio through port 80. You need a product that will monitor traffice on the application layer in order to prevent such traffic. I am not aware of a way to do this in a PIX or a router but there are third party products that do this for you.
01-14-2002 11:59 AM
Hi, pmay01, thanks for you reply. I know third party products such as websense.com can do it, but I want to know if all Internet radio sites use the same standrad and port? If yes (I think, otherwise, it is too messed), what is the port? If we know the port, we can easily block users to listen Internet radio by access-list. Thanks.
01-18-2002 06:09 PM
Reread what pmay01 said -- many of these "radio" services pipe their data over TCP/80, the same port used for 99.9% of standard web access. Have you considered implementing a policy (if you don't have one) which says in so many words "Don't use the Company's Internet bandwidth to listen to the radio?" There are seldom good technical solutions for personnel problems.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide