Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA Blocking P2P

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml#config3

I found this documentation on Cisco's site. Does anyone know how to add expressions to the ASA? I'd like to block Limewire on top of some of the default expressions.

5 REPLIES
New Member

Re: ASA Blocking P2P

Gnutella jumps ports so no way to block it unless i spend $$ on web filter.

Re: ASA Blocking P2P

I would perform a detailed packet capture in the Gnutella application session - and see if there is anything that identifies it uniquely at the application level.

or if you have a router that supports NBAR - block the gnutella traffic using the specific PLDM - or you can write your own specific apps to block in NABR.

HTH>

New Member

Re: ASA Blocking P2P

I configured as it says, but p2p continues to work. If i check "Check for Protocol violation" , P2P doesn't work as also POP3 and some http site.

Any solution? I think we have to install WebFilter.

right?

bye bye

Re: ASA Blocking P2P

Have you performed debugging to see if limewire has specific application layer information sent in the headers, so you can write your own expressions?

Re: ASA Blocking P2P

Have you also blocked the limewire.com url??

403
Views
0
Helpful
5
Replies