IM INSPECTION on ASA

Unanswered Question
Apr 29th, 2007

Hi All,

I am trying to block yahoo/msn chatting on ASA. there is a provision to block both these chatting software through ASA. Can any one help me how to do that. I know via class-map & policy-map we can do it even i hav configured it. may be m doing wrong. can any help me. i hv configured policy/class map as below

class-map type inspect im match-all IM-BLK

match protocol msn-im yahoo-im

class-map type inspect im match-all CHAT-BLK

match service chat conference games voice-chat webcam

!

!

policy-map type inspect im IM-BLK

parameters

class IM-BLK

drop-connection log

class CHAT-BLK

drop-connection log

thanks

NK

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Rodrigo Gurriti Sun, 04/29/2007 - 13:50

man I did not confirm this on a book or lab but I guess you forgot to add the policy-map to a service-policy

service-policy's can be global or can be applied to an interface and you also can pick the direction !!!

let me know thanks

jain.nitin Sun, 04/29/2007 - 21:03

I know but when i try to apply this policy map to service policy..it says this policy-map type (inspect,IM) can not be applied to service policy.

thanks

NK

Actions

This Discussion