Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.
VERY tricky one, and I'm looking forward to an answer as well. the GnuTella engine is a slippery bugger. It's DEFAULT port to LISTEN to is 6346 TCP. I have IDSM blades, server, and appliances running, and still cant find em. you could PERHAPS crerate an access-list blocking all traffic outbound on 6346 destination port, but if you have an intellegent user, they'll change that. Im looking for BLOCKING the buggers, and prolly will end up doing an NMAP scan on port 6346, but am open to ANY suggestions short of taking away their keyboards.
To limit traffic, you would want to configure some custom queues for that interface.
This website has some good resources on stopping file sharing. I understand that this site does not focus on Cisco equipment, but you can reference the port and protocols to assist in stopping most file sharing applications.
Unfortunately, I don't think the 1005 supports QOS with NBAR. That would be the easiest Cisco solution. I will probably get kicked off the site for my next recommendation:
Packeteer makes a great bandwidth management product call Packetshaper. We installed one at a univeristy and within 5 minutes found out the Kazaa was using 6MB of their 10MB Internet pipe. Less than 5 minutes later we were able to limit that to 1K.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :