Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ASA: Block / Allow IM by Username

 

Introduction

The purpose of this document is to provide you an example of how to block all IM usernames except 1, using the modular policy framework on ASA.

 

Problem Description

We are faced with a challenge of blocking all the IM communication from the network except for a few users, based on their username.

 

Solution

The following example considers that you have a fair understanding of configuring modular policy framework on the ASA. Please enter the following configurations to block all the usernames on the IM except "abc@yahoo.com".

 

This section creates a regex entries for the allowed user.

regex user1 "abc@yahoo.com"

 

This section creates a class map to match the regex created earlier.

class-map type regex match-any allowed-senders

match regex user1

 

This section creates an inspection policy map for IM.

policy-map type inspect im filter-senders

parameters

match not login-name regex class allowed-senders

reset log

 

This section applies the previous inspection policy to the global policy for all traffic.

policy-map global_policy

class inspection_default

  inspect im filter-senders

 

This section applies the global policy to the service policy.

service-policy global_policy global

 

References

To learn more about modular policy framework on ASA please refer to

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/inspect.html#wp1479354

Version history
Revision #:
2 of 2
Last update:
‎08-24-2017 06:03 AM
Updated by:
 
Labels (1)
Contributors
Everyone's tags (4)