Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

how can i block p2p traffic?

i'm using ios 12.3 and i want to block p2p traffic in my network and block extensions in schedule mode????


Re: how can i block p2p traffic?

The ios was designed to forward traffic, not to block traffic. it cannot filter at an application layer.

A firewall is designed to block traffic. It can look a lot deeper into the packets, even into the appliications and sessions running.

A router can block a class of traffic that it can capture in an accesslist (ACL).

There is no ACL that covers all p2p traffic, in fact most p2p notice that their default ports are blocked and switch to a "dynamic" mode.

You better try a reversed approach.

Find out what type of traffic is used by your business.

Then you put in place Quality Of Service and assign the business traffic the best quality, leaving just best effort for the p2p.

This will make that the p2p traffic can't affect your business traffic as this will be prioritized by the router.

And it's always good to know what is the traffic that is making $$$ for your company. How can you support the business if you don't know what type of traffic they use.



New Member

Re: how can i block p2p traffic?

is there any way to close p2p ports??????

at least limit it's bandwidth?

and how can i block downloading specific extensions?


Re: how can i block p2p traffic?

New Member

Re: how can i block p2p traffic?

thanks but i still don't know how to do it

bjw Silver

Re: how can i block p2p traffic?

What are the devices you are talking about?

Are you wanting to shutdown a port? an interface?

In my understanding point-to-point is a method where 2 devices are connected. Either directly, or over a WAN connection.

What do you have?


Re: how can i block p2p traffic?

Hi friend,

you will seldom get out of the box solutions for your problem the hint with NBAR should lead you to QoS. Since NBAR is a feature implemented in QoS.

Starting from here:

and searching in these few pages lead you to

Now it is up to you. Read it, implement it and fine-tune it.

Network Management is a time exhausting thing and for each new feature you have to read about the technical backgrouds.

Best regards,


New Member

Re: how can i block p2p traffic?

i'm using 827 soho with ios 12.3

i don't think it's not compatible with NBAR

is it?

is there any simple steps to block p2p or to filter it

and block specific extensions?


Re: how can i block p2p traffic?

Some problems are better solved with policies/procedures and not technology per se. p2p, Instant messaging, rouge voice (e.g. Skype) have all been designed to avoid/evade firewalls. If you have even just ONE open port out to the Internet, these programs will find a way out.

Better to have management issue an edict stating "thou shalt not use ", or use your anti-virus PUP list (potentially unwanted program), or use something like SMS or other software inventory/distribution service to audit the PCs. I know this isn't always feasible, but you're not going to be able to accomplish much with an end-of-life'd 827 running IOS 12.3.

New Member

Re: how can i block p2p traffic?

The best way to block the P2p traffic and stop downloading some specific extensions is to configure CBAC ( Context based access list) on your cisco routing box.

Rate the post if it works out i your case.

CreatePlease login to create content