Solved: Blocking P2P Traffic

James Hoggard · ‎11-28-2013

Is there any way of blocking p2p traffic on the ASA?

On our main site we have IPS which can do it but the smaller sites don't i have done a access list blocking the obvious p2p ports however they change.

can it done by using MFP?

Thanks

jumora · ‎11-28-2013

The ASA cannot drop it via MPF, there are some old documents that talk on how to drop them but these are old posts and relate to P2P blocking when it was done over http.

Check this link out so you can understand how P2P work:

http://www.howstuffworks.com/bittorrent1.htm

Then how to control this traffic through your network?

Define work profiles for the PCs, IPS as you mentioned, etc. In any case I believe that now in days P2P has evolved and we have to create new signatures to drop new P2P applications.

Value our effort and rate the assistance!

View solution in original post

jumora · ‎11-28-2013

The ASA cannot drop it via MPF, there are some old documents that talk on how to drop them but these are old posts and relate to P2P blocking when it was done over http.

Check this link out so you can understand how P2P work:

http://www.howstuffworks.com/bittorrent1.htm

Then how to control this traffic through your network?

Define work profiles for the PCs, IPS as you mentioned, etc. In any case I believe that now in days P2P has evolved and we have to create new signatures to drop new P2P applications.

Value our effort and rate the assistance!

jumora · ‎11-29-2013

????????????????

Value our effort and rate the assistance!

jumora · ‎12-01-2013

????????????????

Do you still need assistance??

Value our effort and rate the assistance!

James Hoggard · ‎12-03-2013

sorry no thats great. Thanks