Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

how to deny p2p apps with an INLINE

With an INLINE solution, what is the best way to deny p2p connections from source IP addresses? There are several choices.

deny-attacker-inline - do not transmit this packet and future packets from the attacker address for a specified period of time.

deny-connection-inline - do not transmit this packet and future packets on the TCP Flow.

deny-packet-inline - do not transmit this packet

deny-attacker-victim-pair-inline - do not transmit this packet and future packets on the attacker/victim address pair for a specified period of time.

deny-attacker-service-pair-inline - do not transmit this packet and future packets on the attacker address victim port pair for a specified period of time.

We would like to deny the connection for the p2p application but not deny the source altogether.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: how to deny p2p apps with an INLINE

If the Signature is using a TCP based engine then I would use deny-connection-inline. If the Signature uses something like UDP then it would be best to use deny-packet-inline.

Hope that helps,

Jonathan

1 REPLY
New Member

Re: how to deny p2p apps with an INLINE

If the Signature is using a TCP based engine then I would use deny-connection-inline. If the Signature uses something like UDP then it would be best to use deny-packet-inline.

Hope that helps,

Jonathan

218
Views
0
Helpful
1
Replies
CreatePlease login to create content