Cisco Support Community
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Blocking Log Me In & Go To MY PC

We have a new ASA and I am wondering if it can be used to block access to services such as Log Me In or Goto MY PC? I did not know if this is a simple matter of blocking a range of IP addresses or specific ports or something more complicated that we would need an IPS for.



Everyone's tags (4)
Cisco Employee

Re: Blocking Log Me In & Go To MY PC


The ASA has built in regexps for gotomypc and I beleive there was way to do this also for log me.

class-map type inspect http match-all _default_GoToMyPC-tunnel
match request args regex _default_GoToMyPC-tunnel
match request uri regex _default_GoToMyPC-tunnel_2

bsns-asa5505-19# sh run all reg
bsns-asa5505-19# sh run all regex
regex _default_GoToMyPC-tunnel_2 "[/\\]erc[/\\]Poll"

regex _default_GoToMyPC-tunnel "machinekey"

Now honestly, those applications grow (or used to grow) quite fast, faster then we're able to adjust regexp on ASA - since they are supposed to be static by nature. Don't expect a one command wonder.

I'm not intemately familiar with those APPs... since gotomypc work on HTTP potentiall CSC would be a nice way to prohibit it.

Note that IPS seems to be familiar with Hamachi:

15454.0   LogMeIn Hamachi Activity                  atomic-ip       informational  false
15455.0   LogMeIn Product Activity                  atomic-ip       low            false

It's spead around all over the place but hopefull helps?


Cisco Employee

Re: Blocking Log Me In & Go To MY PC

LogMeIn uses HTTPS which is not covered in the HTTP inspection. So, the regex method may not be useful for that. You could try blocking couple of LogMeIn ports (TCP 12975 and 32976 to see if that helps. LogMeIn application connects to an intermediate server ( to establish communication. You can block that IP from communicating to your network. Hope this helps.

CreatePlease to create content