web tunneling software - how does it get past firewall

Unanswered Question
Nov 5th, 2008

hi all, if we use a ASA, application layer firewall, how does things like gotpmypc remote access software manage to tunnel through it, i would of thought the http inspection would block it,

what exactly happens ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dhananjoy chowdhury Wed, 11/05/2008 - 21:24

You will have to use the MPF feature on the ASA to block the GoToMyPC traffic.

Configure the policy-map type like this

============================================

policy-map type inspect http GotoMyPC_HTTP

parameters

match request uri regex _default_GoToMyPC-tunnel "machinekey"

drop-connection log

match request uri regex _default_GoToMyPC-tunnel_2 "[/\\]erc[/\\]Poll"

drop-connection log

================================================

Also refer to this document

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml

Hope this helps.

Actions

This Discussion