03-31-2008 10:55 AM - edited 03-11-2019 05:25 AM
I have ACLs blocking most P2Ps on our edge rtrs. But they still coming in...can anyone post their P2P ACLs...I just want to compare with what I have.
How about NBAR? How reliable is it running in a large network?
TX
Alex
03-31-2008 10:03 PM
hi,
I would recommend you use NBAR if possible because ports used by p2p applications are very dynamic.
Regards
John
04-01-2008 03:33 AM
Do as John says, NBAR is the solution to this. However, I recommend that you don't actually block it, just give it a VERY low bandwidth. That way the users do not waste time trying to get round the problem, but it is very frustrating and they actually stop using it. Done this successfully at a couple of schools, and the stats show almost no P2P activity after a short while.
04-01-2008 03:38 AM
throttle down the bandwidth with rate limting CAR? I was thinking about that over the weekend.
04-01-2008 05:34 AM
It has been a while since I actually configured this, so can't remember the exact method. But CAR sounds about right. Make it so small that even a small file will take a couple of days, and they will give up. Good-Luck.
Regards,
Iain
04-01-2008 07:52 AM
Can the ASA's utilise the NBAR feature? I have used this on my routers, but just wondered.
04-01-2008 11:05 PM
yes gr8 idea i-kendall please tell me how can configure low bandwidth for those
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: