Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

web tunneling software - how does it get past firewall

hi all, if we use a ASA, application layer firewall, how does things like gotpmypc remote access software manage to tunnel through it, i would of thought the http inspection would block it,

what exactly happens ?

1 REPLY

Re: web tunneling software - how does it get past firewall

You will have to use the MPF feature on the ASA to block the GoToMyPC traffic.

Configure the policy-map type like this

============================================

policy-map type inspect http GotoMyPC_HTTP

parameters

match request uri regex _default_GoToMyPC-tunnel "machinekey"

drop-connection log

match request uri regex _default_GoToMyPC-tunnel_2 "[/\\]erc[/\\]Poll"

drop-connection log

================================================

Also refer to this document

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml

Hope this helps.

273
Views
0
Helpful
1
Replies
CreatePlease to create content