11-28-2013 12:02 PM - edited 03-11-2019 08:10 PM
Is there any way of blocking p2p traffic on the ASA?
On our main site we have IPS which can do it but the smaller sites don't i have done a access list blocking the obvious p2p ports however they change.
can it done by using MFP?
Thanks
Solved! Go to Solution.
11-28-2013 01:07 PM
The ASA cannot drop it via MPF, there are some old documents that talk on how to drop them but these are old posts and relate to P2P blocking when it was done over http.
Check this link out so you can understand how P2P work:
http://www.howstuffworks.com/bittorrent1.htm
Then how to control this traffic through your network?
Define work profiles for the PCs, IPS as you mentioned, etc. In any case I believe that now in days P2P has evolved and we have to create new signatures to drop new P2P applications.
Value our effort and rate the assistance!
11-28-2013 01:07 PM
The ASA cannot drop it via MPF, there are some old documents that talk on how to drop them but these are old posts and relate to P2P blocking when it was done over http.
Check this link out so you can understand how P2P work:
http://www.howstuffworks.com/bittorrent1.htm
Then how to control this traffic through your network?
Define work profiles for the PCs, IPS as you mentioned, etc. In any case I believe that now in days P2P has evolved and we have to create new signatures to drop new P2P applications.
Value our effort and rate the assistance!
11-29-2013 10:01 PM
????????????????
Value our effort and rate the assistance!
12-01-2013 08:06 PM
????????????????
Do you still need assistance??
Value our effort and rate the assistance!
12-03-2013 05:18 AM
sorry no thats great. Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide