I have a cisco 2811 router with advanced security IOS (Attached config). I want to block or give the least priority to P2P traffic and give high priority to other applications like http,https,smtp,voice chat, webcam etc since its a military camp and soldiers want to be in touch with their families. I am a CCNA and on my way to CCNP so I have a fair amount of exposures to cisco but I have never tried this.
Blocking is like that,also if you do a search on cisco.com for "Network-Based Application Recognition" you'll get more ideas,or using Google for smthng like < class-map match-any match protocol fasttrack >. You can block it,you can rate-limit it,etc..
class-map match-any P2p
match protocol napster
match protocol fasttrack
match protocol gnutella
match protocol edonkey
match protocol winmx
match protocol bittorrent
service-policy output Block-P2p
Regarding "..high priority to other applications like http,https,smtp,voice chat,.." is a bit wide of a range - priority over what other traffic? Or better yet - what exactly the problems users are experiencing with
Thanks for your reply. Its a military zone so users primarly use it to be in touch with their families using voice chat, webcams, online shopping, emails. Users complain that the voice calls get dropping, webcam streaming is very slow. I would like to give maximum bandwidth to these applications.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...