web tunneling software - how does it get past firewall

Unanswered Question
Nov 5th, 2008
User Badges:

hi all, if we use a ASA, application layer firewall, how does things like gotpmypc remote access software manage to tunnel through it, i would of thought the http inspection would block it,


what exactly happens ?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dhananjoy chowdhury Wed, 11/05/2008 - 21:24
User Badges:
  • Silver, 250 points or more

You will have to use the MPF feature on the ASA to block the GoToMyPC traffic.

Configure the policy-map type like this

============================================

policy-map type inspect http GotoMyPC_HTTP

parameters

match request uri regex _default_GoToMyPC-tunnel "machinekey"

drop-connection log

match request uri regex _default_GoToMyPC-tunnel_2 "[/\\]erc[/\\]Poll"

drop-connection log


================================================

Also refer to this document


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml


Hope this helps.

Actions

This Discussion