How to Block BitTorrent, Download-Manager through ASA

Unanswered Question
Jul 31st, 2012

Hello Gus,


We have many clients who are misusing our company bandwidth by downloading files through BitTorrent and Download-Managers. I tried a lot to block it but no luck.

Can anyone instruct me on how to block them on an ASA device?

Leo Laohoo Tue, 07/31/2012 - 16:20

You don't block them in the ASA.


You can use AD to block applications like BitTorrent and DM from running.

Nitesh Saxena Wed, 08/01/2012 - 02:05

Hi

You can block BitTorrent.

http://wiki.wireshark.org/BitTorrent ---> you can use this guide for the TCP ports.

Port range for BitTorrent

BitTorrent uses TCP to transfer files and UDP for searching. It will use port 80 if the default TCP ports 6881-6889, 6969 and 8080 cannot be reached. Some BitTorrent clients also support HTTP downloading. To completely block BT, please block UDP ports 1024-65534 in your router.

Then make an ACL based on that and apply it.

Do rate if helpful.


Nitesh

Imran Ahmad Thu, 08/02/2012 - 00:03

It is not working.

Aren't there any other ways to block it through ASA? I don't have AD.

Nitesh Saxena Thu, 08/02/2012 - 00:29

hi Iram,



regex bit-torrent-tracker ".*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*"

object-group service BitTorrent-Tracker tcp
 description TCP Ports used by Bit Torrent for tracker communication
 port-object eq 2710
 port-object eq 6969

object-group service Blocked-UDP-Ports udp
 description All ports blocked for Bit Torrent UDP DHT (all ephemeral ports except VPN encapsulation)
 port-object range 10001 65535
 port-object range 1024 9999

class-map type inspect http match-all bit-torrent-tracker
 description Bit Torrent Tracker communication
 match request args regex bit-torrent-tracker
 match request method get

policy-map type inspect http Drop-P2P
 description Drop protocol violations, Kazaa, gator and Bit Torrent Tracker traffic
 parameters
  protocol-violation action log
 class _default_gator
  drop-connection log
 class _default_kazaa
  drop-connection log
 class bit-torrent-tracker
  drop-connection log

policy-map global_policy
 class inspection_default
  inspect http Drop-P2P


Thanks,


Nitesh


Please rate if helpful

Nitesh Saxena Thu, 08/02/2012 - 01:40

did you apply the policy map or not??


or just copy pasted the configuration on top??

Nitesh Saxena Thu, 08/02/2012 - 01:52

object-group service Blocked-UDP-Ports udp
 description All ports blocked for Bit Torrent UDP DHT (all ephemeral ports except VPN encapsulation)
 port-object range 10001 65535
 port-object range 1024 9999

object-group service BitTorrent-Tracker tcp
 description TCP Ports used by Bit Torrent for tracker communication
 port-object eq 2710
 port-object range 6881 6999

access-list inside_access_in extended deny udp any any object-group Blocked-UDP-Ports log warnings inactive
access-list inside_access_in extended deny tcp any any object-group BitTorrent-Tracker log warnings inactive
access-list inside_access_in extended permit tcp any any

Apply the access list on the inside interface. It might need modifications depending on your configuration, and it's just a sample configuration.

regex bit-torrent-tracker ".*[Ii][Nn][Ff][Oo]_[Hh][Aa][Ss][Hh]=.*"

class-map type inspect http match-all bit-torrent-tracker
 description Bit Torrent Tracker communication
 match request args regex bit-torrent-tracker
 match request method get

policy-map type inspect http Drop-P2P
 description Drop protocol violations Bit Torrent Tracker traffic
 parameters
  protocol-violation action log
 class bit-torrent-tracker
  drop-connection log

policy-map global_policy
 class inspection_default
  inspect http Drop-P2P
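
Added example (not part of the thread or of any poster's configuration): a small Python model of first-match evaluation for the sample inside_access_in ACL above, once with the inactive keyword as posted and once with it removed. It assumes the three ACEs are the whole ACL, so unmatched traffic reaches the implicit deny, and the flows are constructed samples.

```python
# Simplified first-match model of the inside_access_in ACL posted above.
# Assumptions (not from the thread): the flows below are constructed, the three
# ACEs are the complete ACL, and only protocol and destination port are modelled.

BLOCKED_UDP = [(10001, 65535), (1024, 9999)]   # object-group Blocked-UDP-Ports
BT_TRACKER = [(2710, 2710), (6881, 6999)]      # object-group BitTorrent-Tracker
ALL_PORTS = [(0, 65535)]

# (action, protocol, port ranges, inactive) in the order the ACEs were posted
ACL_AS_POSTED = [
    ("deny", "udp", BLOCKED_UDP, True),
    ("deny", "tcp", BT_TRACKER, True),
    ("permit", "tcp", ALL_PORTS, False),
]

def activate(acl):
    """Return a copy of the ACL with `inactive` removed from every ACE."""
    return [(action, proto, ports, False) for action, proto, ports, _ in acl]

def evaluate(acl, proto, dport):
    """Return the action of the first enabled matching ACE, else the implicit deny."""
    for action, ace_proto, ports, inactive in acl:
        if inactive:
            continue  # an ACE marked `inactive` is disabled and never matches
        if ace_proto == proto and any(lo <= dport <= hi for lo, hi in ports):
            return action
    return "implicit-deny"

# Constructed sample flows: (label, protocol, destination port)
FLOWS = [
    ("tracker announce on 6969", "tcp", 6969),
    ("peer traffic on 6881", "tcp", 6881),
    ("DHT on high UDP port", "udp", 51413),
    ("tracker announce on port 80", "tcp", 80),
    ("DNS query", "udp", 53),
]

def report():
    """Map each sample flow to (verdict as posted, verdict with ACEs active)."""
    active = activate(ACL_AS_POSTED)
    return {label: (evaluate(ACL_AS_POSTED, p, d), evaluate(active, p, d))
            for label, p, d in FLOWS}

if __name__ == "__main__":
    for label, (posted, active) in report().items():
        print(f"{label:30} as posted: {posted:14} active: {active}")
```

Under these assumptions, traffic to TCP port 80 is permitted by the ACL in both variants, which is the case the HTTP inspection policy is there to cover, and UDP port 53 falls to the implicit deny because the only permit entry is for TCP.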
