Greetings, i have an issue with a contract we have recently taken over, it is a managed office environment and one particular user is utilising what i can only determine as p2p applications as the host in question is downloading approx 45Gb over a 24 hour period, i dont have access to NBAR as the router is managed by the ISP and i have tried p2p MPF maps on the ASA 5510 to block it but it's coming through, the port range is 8191-65535 and im quite sure the built in regular expressions dont match what is being downloaded.
I was thinking about policing using basic QoS maps but would you guys be able to suggest an alternative?
1-Revice your MPF implementation to ensure that implementation is not meeting your needs, try exhausting this option, QoS rate limiting could be another option but what is the ultimate goal? Allow P2P file sharing in the company or completely stop non-work related downloads?
See Allow and Block the Traffic Through the Security Appliance
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :