ASA 5550 for block p2p

Unanswered Question
Sep 3rd, 2008
User Badges:

hi,

i have applied the following line of code for blocking p2p in ASA but it blocked all of my traffic. please help me.

http-map inbound_http

content-length min 100 max 2000 action reset log

content-type-verification match-req-rsp action reset log

max-header-length request 100 action reset log

max-uri-length 100 action reset log

port-misuse p2p action drop

port-misuse default action allow




class-map http-port

match port tcp eq www




policy-map inbound_policy

class http-port

inspect http inbound_http



service-policy inbound_policy interface outside

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vmoopeung Tue, 09/09/2008 - 08:58
User Badges:
  • Bronze, 100 points or more

We can do that using the port misuse command or you would try installing IPS module before blocking the peer-to-peer on all ports.


Actions

This Discussion