Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Zone Based Firewall

I have a site-to-site vpn with two 2811 Cisco Routers with 2 interfaces each

(LAN and WAN) and a GRE Tunnel.

I want to implement Zone Based Firewall and I have read several configurations to block P2P and Instant messaging, but each of them is for a specific applications, and I'd like to know if there is a way to block all of them or I have to block each individual protocol.

Best regards

1 REPLY
Cisco Employee

Re: Zone Based Firewall

It would be a good idea to block P2P using NBAR. You can block IM using ZBF.

Some p2p like kazaa is a little tricky to block using ZBF.

Here is a link to block p2p using NBAR.

http://www.cisco.com/en/US/products/ps5855/products_configuration_example09186a0080ac3082.shtml

391
Views
0
Helpful
1
Replies
CreatePlease to create content