Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

block teamviwer on cisco asa 5520 8.2

Hi Experts

I have the below policy-Map in my firewall,according to this policy map please how can i block teamvirewer via asa 5520, i don't want the outside users to connect using teamviewer to their servers which is already ready up for teamviewer actions

i want to allow only 1 ip address to use team viewer (172.30.30.100)

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

  message-length maximum 512

policy-map global_policy

class inspection_default

  inspect dns preset_dns_map

  inspect h323 h225

  inspect sqlnet

  inspect netbios

  inspect tftp

  inspect sip 

  inspect ftp

!

service-policy global_policy global

thanks

jamil

6 REPLIES
New Member

block teamviwer on cisco asa 5520 8.2

Hi Jamil

Block 5938 port on firewall !!! that can help..

Regards

Fareed

New Member

block teamviwer on cisco asa 5520 8.2

Hi

where to Apply the ACL? inside or outside?pls mention the syntax

thanks

VIP Purple

Re: block teamviwer on cisco asa 5520 8.2

That won't work. Teamviewer is designed to work through Firewalls and Proxys:

http://www.teamviewer.com/en/help/9-Does-it-work-behind-firewalls-proxy-server-and-NAT-routers.aspx

http://www.teamviewer.com/en/help/334-Which-ports-are-used-by-TeamViewer.aspx

The following could work:

1) Block all Teamviewer-IPs for your network.

2) Restrict the outgoing traffic and send everything through a proxy which also can inspect SSL. There you should be able to filter on the communication.


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

block teamviwer on cisco asa 5520 8.2

Hi Karstein

pls provide me the full configuration to block teamviewer along with the verification

thanks

block teamviwer on cisco asa 5520 8.2

Hi Bro

TeamViewer (TV) is application that used to create remote access connection to PC anywhere. Even if the PC located behind the firewall. TV client using port 80 for the outbound connection, it is difficult to block using port basis. So, because TV client must be connected first to the TV server, we can use another aproach, that is blocking every dns request for the *.teamviewer.com and/or *.dyngate.com.

So, these are the configuration if we use Cisco ASA Firewall (i am using OS ver 8.x):

regex TV-RGX “\.teamviewer\.com”

regex DG-RGX “\.dyngate\.com”

class-map type regex match-any TV-CLS

match regex DG-RGX

match regex TV-RGX

policy-map type inspect dns TV-PLC

parameters

message-length maximum 512

match domain-name regex class TV-CLS

drop

policy-map global_policy

class inspection_default

inspect dns TV-PLC

service-policy global_policy global

P/S: If you think this comment is useful, please do rate them nicely :-)

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
New Member

block teamviwer on cisco asa 5520 8.2

Thanks

5784
Views
13
Helpful
6
Replies
CreatePlease login to create content