02-05-2009 07:00 AM - edited 03-11-2019 07:46 AM
Does anyone know if there is any material out there that has pre-built regular expressions? I can't seem to figure these things out. I'm wanting to block P2P traffic on our network, but the ASA can only block Gator and Kazaa by default.
02-05-2009 07:06 AM
Hope this helps. I personally have not done it but found the link.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml
02-05-2009 07:35 AM
I've built a class map/policy map with this doc, but I still can't figure out how to build my own REGEX for P2P such as Gnutella, BitTorrent, Morpheus, etc. Does anyone have some documentation on the REGEXs?
02-05-2009 08:22 PM
Hi,
Please visit the following URLs:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
http://supportwiki.cisco.com/ViewWiki/index.php/ASA_URL_filtering
Could you please try the following conf to block the P2P protocols:
http-map inbound_http
 port-misuse p2p action drop log
 port-misuse tunneling action drop log
class-map http-port
 match port tcp eq www
policy-map global_policy
 class http-port
  inspect http inbound_http
service-policy global_policy global
Regards
Jithesh
02-06-2009 05:35 AM
The HTTP-MAP command isn't supported on the newer ASA. :/ NBAR seems to be the best solution for what I am looking for, but I'm not sure I want to run it on my edge router connecting to my ISP. We have an ASA5520 > Cisco 2811 > ISP. Seems like the ASA would have a similar feature like NBAR with PDLMs.