Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
626
Views
0
Helpful
1
Replies

Blocking Bit-Torrent and other P2P softwares

AliYashar Ladani
Level 1
Level 1

‎04-25-2014 01:10 AM - edited ‎02-21-2020 05:10 AM

Hello Dear All

I need to block All P2P Activity (ASA 5525) from VPN Users (outside), I tried some access lists, but they didn't take any action.

could you please assist me the access lists/policy-maps that you have done before and its working.

 

As you see output of service-policy there are matching but there is no any packet dropped.

 

Output :

ASA# sh service-policy global inspect http

Global policy:
  Service-policy: global_policy
    Class-map: inspection_default
      Inspect: http Drop-P2P, packet 942279, lock fail 0, drop 0, reset-drop 0, v6-fail-close 0
        protocol violations
          log, packet 123
        match request header user-agent regex _default_gator
          drop-connection log, packet 0
        match response header regex _default_x-kazaa-network count gt 0
          drop-connection log, packet 0
        class bit-torrent-tracker
          drop-connection log, packet 0

 

ASA# sh service-policy global inspect http

Global policy:
  Service-policy: global_policy
    Class-map: inspection_default
      Inspect: http Drop-P2P, packet 980730, lock fail 0, drop 0, reset-drop 0, v6-fail-close 0
        protocol violations
          log, packet 131
        match request header user-agent regex _default_gator
          drop-connection log, packet 0
        match response header regex _default_x-kazaa-network count gt 0
          drop-connection log, packet 0
        class bit-torrent-tracker
          drop-connection log, packet 0

 

 

 

 

Thank You

1 person had this problem
0 Helpful
1 Reply 1

nkarthikeyan
Level 7
Level 7

‎06-29-2014 11:06 PM

Hi Ali,

Your VPN users connects through internet and get internet access from the ASA connected internet link??? There you want to block the bit torrent and P2P?? Please describe your setup....

 

Also provide your configurations that is related to P2P & Bit Torrent blocking

 

Remember one thing.

 

The ASA can block P2P type applications only if P2P traffic is being tunneled through HTTP. Also, ASA can drop P2P traffic if it is tunneled through HTTP. If that is already been proxied then its not poosible for asa to block such traffic.

http://www.giac.org/paper/gsec/3123/peer-to-peer-p2p-file-sharing-applications-threat-corporate-environment/103882

 

 

Regards

Karthik

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card