07-11-2008 09:58 AM - edited 03-09-2019 09:04 PM
Nbar protocol discovery in a 7206 router shows traffic in the winmx and eDonkey class. Before I raise to much of a fuss with users I need to make sure that this isn't a false positive. Does NBAR only match on tcp/udp ports for these two applications, or does it do deeper inspection and match on other patterns?
I just want to make sure that other applications aren't using the eDonkey and winmax ports.
07-11-2008 12:49 PM
I had an issue with NBAR and winmx.
Some traffic, which was not really wimux, was classified as winmx.
07-16-2008 05:57 PM
I'm having this issue now. NBAR shows lot of traffic as winmx, but there's no match on TCP port 6699, as the NBAR port-map shows. What did you use to identify this traffic?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide