how can i block p2p traffic?

hanymanyy
Level 1

I'm using IOS 12.3 and I want to block P2P traffic in my network and block extensions in schedule mode?

miheg
Level 5

The IOS was designed to forward traffic, not to block traffic. It cannot filter at an application layer.

A firewall is designed to block traffic. It can look a lot deeper into the packets, even into the applications and sessions running.

A router can block a class of traffic that it can capture in an access list (ACL).

There is no ACL that covers all P2P traffic; in fact, most P2P notice that their default ports are blocked and switch to a "dynamic" mode.

You better try a reversed approach.

Find out what type of traffic is used by your business.

Then you put in place Quality of Service and assign the business traffic the best quality, leaving just best effort for the P2P.

This will ensure that the P2P traffic can't affect your business traffic, as this will be prioritized by the router.

And it's always good to know what is the traffic that is making $$$ for your company. How can you support the business if you don't know what type of traffic they use?

Cheers,

Michel

hanymanyy
Level 1

Is there any way to close P2P ports?

At least limit its bandwidth?

And how can I block downloading specific extensions?

Thanks, but I still don't know how to do it.

What are the devices you are talking about?

Are you wanting to shut down a port? An interface?

In my understanding point-to-point is a method where 2 devices are connected. Either directly, or over a WAN connection.

What do you have?

Hi friend,

You will seldom get out-of-the-box solutions for your problem. The hint with NBAR should lead you to QoS, since NBAR is a feature implemented in QoS.

Starting from here:

http://www.cisco.com/en/US/products/ps6616/products_ios_protocol_group_home.html

and searching in these few pages leads you to

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455985.html

Now it is up to you. Read it, implement it and fine-tune it.

Network management is a time exhausting thing and for each new feature you have to read about the technical background.

Best regards,

Frank
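
An added example, not part of any reply in this thread or of the linked Cisco documentation: one way the QoS and NBAR suggestions above can be combined in an IOS MQC policy. The class, policy and ACL names, the ports, the rates and the interface are assumptions, and which `match protocol` keywords exist depends on the IOS image and loaded PDLMs.

```cisco
! Added example. Names, ports, rates and interface are assumptions.
! NBAR keywords vary by IOS release; list them with: match protocol ?
!
! Business traffic, identified by an ACL you maintain (hypothetical entries).
ip access-list extended BUSINESS-APPS
 permit tcp any any eq 443
 permit tcp any any eq 25
!
class-map match-any BUSINESS
 match access-group name BUSINESS-APPS
!
! P2P protocols that NBAR can recognise by signature.
class-map match-any P2P
 match protocol bittorrent
 match protocol edonkey
 match protocol gnutella
 match protocol kazaa2
 match protocol fasttrack
!
! HTTP requests whose URL ends in a given file extension.
class-map match-any BLOCKED-EXT
 match protocol http url "*.exe"
 match protocol http url "*.mp3"
!
policy-map WAN-OUT
 ! Guarantee bandwidth to business traffic first.
 class BUSINESS
  bandwidth percent 60
 ! Rate-limit recognised P2P instead of relying on port blocks.
 class P2P
  police 8000 conform-action transmit exceed-action drop
 ! Drop HTTP requests for the listed extensions.
 class BLOCKED-EXT
  drop
 ! Unrecognised or port-hopping P2P lands here as best effort,
 ! so it cannot starve the BUSINESS class.
 class class-default
  fair-queue
!
interface FastEthernet0/1
 ip nbar protocol-discovery
 service-policy output WAN-OUT
```

`show policy-map interface` reports per-class match and drop counters, and `show ip nbar protocol-discovery` shows which protocols NBAR is actually seeing. An output policy only shapes what leaves the interface; limiting downloads needs a policing-only policy applied inbound.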

I'm using 827 SOHO with IOS 12.3.

I don't think it's not compatible with NBAR.

Is it?

Are there any simple steps to block P2P or to filter it

and block specific extensions?

Some problems are better solved with policies/procedures and not technology per se. P2P, instant messaging, rogue voice (e.g. Skype) have all been designed to avoid/evade firewalls. If you have even just ONE open port out to the Internet, these programs will find a way out.

Better to have management issue an edict stating "thou shalt not use ", or use your anti-virus PUP list (potentially unwanted program), or use something like SMS or other software inventory/distribution service to audit the PCs. I know this isn't always feasible, but you're not going to be able to accomplish much with an end-of-life'd 827 running IOS 12.3.

The best way to block the P2P traffic and stop downloading some specific extensions is to configure CBAC (Context based access list) on your Cisco routing box.

Rate the post if it works out in your case.
