Use ASA to block P2P

Unanswered Question
Nov 13th, 2009

Hey guys,

I am trying to use ASA to block P2P download. I did find this link and I tested it but it's not blocking my Bitcomet download...

The page said that "The ASA can block P2P type applications only if P2P traffic is being tunneled through HTTP". However when I am using my wireshark to monitor the traffic I only see UDP and TCP, not HTTP... I guess that's why it's not working.

Then I checked more on the internet and seems I need to buy a AIP-SSM or CSC-SSM module to block the P2P. Is this true? If it's true, which one should I use? Or do you have another way to block P2P with just the ASA itself? Thanks a lot!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
plumbis Sun, 11/15/2009 - 08:32

This is correct, the regex classes in this example work by blocking HTTP requests. You could block someone from going to for example but it wouldn't work if they already have a torrent running.

I don't know about the AIP module but the CSC module can only filter on HTTP, FTP, SMTP and POP traffic so you wouldn't be able to filter bit torrent layer 7 traffic.


This Discussion