Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Blocking P2P

I have ACLs blocking most P2Ps on our edge rtrs. But they still coming in...can anyone post their P2P ACLs...I just want to compare with what I have.

How about NBAR? How reliable is it running in a large network?

TX

Alex

6 REPLIES

Re: Blocking P2P

hi,

I would recommend you use NBAR if possible because ports used by p2p applications are very dynamic.

Regards

John

Community Member

Re: Blocking P2P

Do as John says, NBAR is the solution to this. However, I recommend that you don't actually block it, just give it a VERY low bandwidth. That way the users do not waste time trying to get round the problem, but it is very frustrating and they actually stop using it. Done this successfully at a couple of schools, and the stats show almost no P2P activity after a short while.

Community Member

Re: Blocking P2P

throttle down the bandwidth with rate limting CAR? I was thinking about that over the weekend.

Community Member

Re: Blocking P2P

It has been a while since I actually configured this, so can't remember the exact method. But CAR sounds about right. Make it so small that even a small file will take a couple of days, and they will give up. Good-Luck.

Regards,

Iain

Community Member

Re: Blocking P2P

Can the ASA's utilise the NBAR feature? I have used this on my routers, but just wondered.

Community Member

Re: Blocking P2P

yes gr8 idea i-kendall please tell me how can configure low bandwidth for those

154
Views
0
Helpful
6
Replies
CreatePlease to create content