p2p blocking on Cisco IOS

Unanswered Question
Nov 18th, 2008

Hi,


Is there any way to block p2p traffic on a Cisco router based not on TCP/UDP ports but on the content or a certain pattern of the p2p packets?


I know about the use of NBAR, but not all p2p protocols can be found there.


Thanks for any suggestions.


Remi

remi-reszka Wed, 11/19/2008 - 07:30

Hi,


Thanks for your suggestions. I did take a look for the latest PDLMs and could not find any for ARES, LIMEWIRE or BitTorrent.


I am not sure if there are any PDLMs covering those applications. ARES is very nasty; it uses dynamically assigned ports from an unspecified range.


I looked into the ZPF config guides and it looks like, with the latest IOSs, Cisco added p2p applications for inspect so that with a policy-map it could be policed to drop certain traffic matching certain applications. Those features are available on the 880 series, for instance, but I am working with the 870 series.


Maybe you know of any PDLMs that would support ARES or LIMEWIRE.


Thanks a lot in advance.


Remi

remi-reszka Thu, 11/20/2008 - 15:56

Hi,


Many thanks for additional clues but I guess ARES is not supported.
