Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member


Hi all,

How do I deny users having their gateway as the WSA to block skype. Currently I am using the regular expression:


I also read a outdated reply to also use [^(\n|\r)]+Skype/i

Also, any deny rule on the firewall should be added?


New Member

Re: Skype


Setting your client's default gateway to use the WSA is not recommended or supported.

Since the WSA is not a router, there is a high likely hood that alot of your traffic is going to break. It is also likely that the WSA is going to be receiving alot of traffic that it was never designed to receive, which could have negative impacts.

The regex you have supplied "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:443" will have no effect on transparent traffic. This regex is meant to match an explicit CONNECT request that is sent to an IP instead of hostname.

I'm not sure what the other regex is for. It seems a little off. One or more beginning of line or \n or \n followed by Skype/i.

Seems non-sensical to me. Or at least could be re-written. I can assist if you explain its purpose.

New Member

how to block skype

hi josh,
probably mbaki(like me) is trying to look for a way to block skype.
I am using a 6.0 WSA in forward proxy mode.
I tried several ways to block skype, like regular expression ([0-9].[0-9].[0-9].[0-9] and [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:443) but no way... skype keeping on passing throught my appliance....

So if you know some other way to block it , you are welcome!
Thank you very much.
Walter Doria

CreatePlease to create content