IM INSPECTION on ASA

Unanswered Question
Apr 29th, 2007
User Badges:

Hi All,

I am trying to block yahoo/msn chatting on ASA. there is a provision to block both these chatting software through ASA. Can any one help me how to do that. I know via class-map & policy-map we can do it even i hav configured it. may be m doing wrong. can any help me. i hv configured policy/class map as below


class-map type inspect im match-all IM-BLK

match protocol msn-im yahoo-im

class-map type inspect im match-all CHAT-BLK

match service chat conference games voice-chat webcam

!

!

policy-map type inspect im IM-BLK

parameters

class IM-BLK

drop-connection log

class CHAT-BLK

drop-connection log


thanks

NK


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Rodrigo Gurriti Sun, 04/29/2007 - 13:50
User Badges:

man I did not confirm this on a book or lab but I guess you forgot to add the policy-map to a service-policy


service-policy's can be global or can be applied to an interface and you also can pick the direction !!!


let me know thanks

jain.nitin Sun, 04/29/2007 - 21:03
User Badges:

I know but when i try to apply this policy map to service policy..it says this policy-map type (inspect,IM) can not be applied to service policy.


thanks

NK

Actions

This Discussion