Cisco Community
English
Register
We're here for you! LEARN about free offerings and business continuity best practices during the COVID-19 pandemic
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
437
Views
0
Helpful
3
Replies
info0000368
info0000368 Beginner
Beginner
‎01-31-2014 03:45 AM
‎01-31-2014 03:45 AM

UDP traffic analyzed in L4 traffic monitor?

Dear all,

I just wonder if anyone knows whether UDP traffic is analyzed by the WSA's L4 traffic monitor?

It just tells "all ports" in the settings and reports also only reflect port numbers but no details like

which protocol (tcp/udp).

Anyone?

Best,

Hascha

Labels:
Everyone's tags (5)
0 Helpful
Reply
3 REPLIES 3
Highlighted
Vance Kwan
Vance Kwan Cisco Employee
Cisco Employee
‎02-08-2014 09:15 PM
‎02-08-2014 09:15 PM

Re: UDP traffic analyzed in L4 traffic monitor?

UDP ports will not be blocked.

The L4TM will use the T1 interface to detect traffic to destinations that are on its blacklist.  Once detected, the the data interface on the WSA will send a packet with the TCP reset flag to the client to prevent a TCP connection.

I have not tested this so someone correct me if I am wrong.  I am answering this based on my understanding of the L4TM feature, and how it works.  Since UDP is connectionless, there is no connection for it to kill.

Now this makes me wonder about the Monitor feature though.  But I am almost certain it will not block if the action is set to block.

I'll check this out when I'm in the office and will get back to you.

-Vance

0 Helpful
Reply
Highlighted
Vance Kwan
Vance Kwan Cisco Employee
Cisco Employee
‎02-17-2014 12:31 PM
‎02-17-2014 12:31 PM

Re: UDP traffic analyzed in L4 traffic monitor?

I have confirmed that UDP traffic will not be blocked or monitored by the L4TM feature.  Only TCP.  Hope this helps.

-Vance

0 Helpful
Reply
Highlighted
Vance Kwan
Vance Kwan Cisco Employee
Cisco Employee
‎03-24-2014 12:14 PM
‎03-24-2014 12:14 PM

I stand corrected now.  I

I stand corrected now.  The L4TM does indeed block/monitor TCP and UDP (even ICMP).  My previous test/setup were not valid.

-Vance

0 Helpful
Reply
Latest Contents
AnyConnect Syslog Configuration Example
Created by pcarco on 04-07-2020 10:54 AM
0
0
0
0
This article is intended to be a simple example of configuring AnyConnect relevant syslog messages to be sent from the ASA to a Syslog server.  The syslog server in this example is Spunk but almost any syslog server should be do the job.   The ... view more
NGFW Sprint 2020 Release is Here!
Created by suhegade on 04-07-2020 02:48 AM
0
0
0
0
NGFW Spring 2020 Releases   It’s official! FTD 6.6, ASA 9.14.1, and FXOS 2.8 have been released. We want to thank the hundreds of team members for the tens of thousands of man-hours dedicated to driving this critical release over the finish line. 120... view more
cisco duo integration anyconnect ssl vpn
Created by elite2010 on 04-05-2020 10:59 AM
1
0
1
0
Hi,I was trying to 2fa cisco duo , all the required settings done  as per below . The problem is duo cloud  does nti not getting any request from the asa . So I am not getting any code from the duo https://www.youtube.com/watch?v=6nEvmc8wji... view more
Community Ask Me Anything event- Configuration, Troubleshoot...
Created by ciscomoderator on 04-03-2020 05:38 PM
0
0
0
0
This event continues the conversation of our recent Community Ask Me Anything event "Secure Remote Workers". To   participate   in this event, please use the   button   to ask your questions Here’s your ch... view more
Cognitive Release Note, March 2020: Additional annotations i...
Created by aligarci on 04-02-2020 12:05 PM
0
5
0
5
User Experience Enhancements As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.   Early Access introduces a... view more
CreatePlease to create content
Discussion
Blog
Document
Video
Content for Community-Ad
Spotlight Awards- February 2020

Follow our Social Media Channels