02-05-2009 07:00 AM - edited 03-11-2019 07:46 AM
Does anyone know if there is any material out there that has pre-built regular expressions? I can't seem to figure these things out. I want to block P2P traffic on our network, but the ASA can only block Gator and Kazaa by default.
02-05-2009 07:06 AM
Hope this helps. I personally have not done it but found the link.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml
02-05-2009 07:35 AM
I've built a class map/policy map with this doc, but I still can't figure out how to build my own regex for P2P such as Gnutella, BitTorrent, Morpheus, etc. Does anyone have some documentation on the regexes?
02-05-2009 08:22 PM
Hi,
Please visit the following URLs:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
http://supportwiki.cisco.com/ViewWiki/index.php/ASA_URL_filtering
Could you please try the following conf to block the P2P protocols:

http-map inbound_http
 port-misuse p2p action drop log
 port-misuse tunneling action drop log
class-map http-port
 match port tcp eq www
policy-map global_policy
 class http-port
  inspect http inbound_http
service-policy global_policy global

Regards
Jithesh
02-06-2009 05:35 AM
The HTTP-MAP command isn't supported on the newer ASA. :/ NBAR seems to be the best solution for what I am looking for, but I'm not sure I want to run it on my edge router connecting to my ISP. We have an ASA5520 > Cisco 2811 > ISP. Seems like the ASA would have a similar feature like NBAR with PDLMs.
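
The regex-based HTTP inspection policy that newer ASA releases use in place of http-map, shown as an added example that is not part of the original thread. The regex, class-map and policy-map names (bt_info_hash, ua_*, P2P_AGENTS, P2P_HTTP) and the patterns themselves are assumptions constructed for illustration; http-port and global_policy reuse the names from the configuration posted above.

```cisco
! Added example: custom regexes applied through an HTTP inspection policy map.
! The patterns are constructed; verify them against your own captures.
!
! HTTP tracker announces from BitTorrent clients carry an info_hash argument.
regex bt_info_hash "info_hash="
! Client names as they may appear in the User-Agent header (constructed list).
regex ua_bittorrent "[Bb]it[Tt]orrent"
regex ua_limewire "[Ll]ime[Ww]ire"
regex ua_morpheus "[Mm]orpheus"
!
! Group the User-Agent patterns so one match statement covers all of them.
class-map type regex match-any P2P_AGENTS
 match regex ua_bittorrent
 match regex ua_limewire
 match regex ua_morpheus
!
! Drop and log any HTTP request that matches either condition.
policy-map type inspect http P2P_HTTP
 parameters
 match request args regex bt_info_hash
  drop-connection log
 match request header user-agent regex class P2P_AGENTS
  drop-connection log
!
! Attach the inspection map to port 80 traffic, as in the earlier post.
class-map http-port
 match port tcp eq www
policy-map global_policy
 class http-port
  inspect http P2P_HTTP
service-policy global_policy global
```

A pattern can be checked from the ASA CLI with the `test regex` command before it is added to a class map. This policy only sees cleartext HTTP on TCP port 80, so peer-to-peer traffic on other ports or inside encrypted sessions is not matched by it.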