Cisco :: Block P2P Traffic On ISR?
Nov 3, 2012I need to block the P2P traffic on a Cisco router. How can do it effectively? I configured NBAR on my router but still users can download using the utorrent client.
View 5 Replies
ADVERTISEMENT
Cisco Firewall :: ASA 5520 - Allow Traffic From DMZ To Internet And Block Traffic?
Apr 29, 2012I have an ASA 5520 with the below config
Gi0/0: outside (Internet)
Gi0/1: inside (Internal users)
Gi0/2: DMZ (web servers, ftp, Mail etc..)
I have a SMTP relay deployed on the DMZ for mailing. I have also a mail servers installed in the internal lan,
I want to allow trafic from dmz to reach internal lan, and i want normally also allow stmp relay from dmz to reach Internet.
How can i block trafic from DMZ to reach Internal Lan (instead of smtp) if the to allow trafic from dmz to internet i must put ANY in the policy?
For allowing trafic from DMZ to reach Internet, the policy must be DMZ -----> ANY ----->Services., this policy means DMZ can implicity reach Internal Lan?
Cisco WAN :: ASA 5510 Where To Block Traffic
Apr 22, 2013where is the best place to block unwanted traffic? By that I mean, should I block it at the router, firewall, IPS? As an example, I'm dealing with DNS flood attacks - probably DDoS and reflection. I have a pair of Cisco 2821 routers with two different ISPs doing BGP. Behind that I have an ASA 5510 with IPS module. Behind that I have 2 public DNS servers. Over the last few days I've seen an increase in bogus DNS queries - high volume, distributed. My question is where is the best place to put the ACL to block them? I've been putting them on the ASA, but when the attack is running, it jacks the CPU to 60%. If I don't put the ACL, the IPS seems to pick them up after a while and the CPU is almost as high as with the ACL. I haven't tried to put the ACL on the routers.
View 2 Replies View RelatedCisco :: Block P2P Traffic On 5508 Controller?
Aug 16, 2012Is it possible to block outside P2P traffic on a guest wireless network using an ACL on the controller? I know we can do it our firewall
View 6 Replies View RelatedCisco Firewall :: ASA 5515X - How To Block Traffic Of P2P
Jan 28, 2013I'm using ASA 5515X my concern is I was not able to block the traffic of P2P such as BitTorrent etc. I was also view some technotes on how to use webfilter without using Websense or Smartfilter tools and lucky I'm able to block certain websites. how to block the traffic of P2P?
View 2 Replies View RelatedCisco WAN :: 3560 - Block Traffic To VLan
Jan 10, 2012Is it possible with a 3560 to block all traffic to a certain vlan except for one or two IP addresses? Create an ACL or something? We have a vlan for voice calls (SIP) and we are getting a lot of scnas that are making the phones ring and such, and I think we can stop this if we only allow traffic onto the vlan from the IP's the SIP traffic is SUPPOSED to be coming from.
View 1 Replies View RelatedSecurity / Firewalls :: How To Block Traffic From A Lan Ip
Jan 16, 2013when I run nestat -b command. I always see a lan ip sending TCP traffic to my computer with state syn_receivedProto >> Lan Address >> Foreign Address >> state >> Process idTCP >> (my ip) >> 192.168.2.222(lan ip) >> syn_received >> 4
View 6 Replies View RelatedD-Link DIR-600 :: Block Incoming Traffic From An IP?
Aug 20, 2012I would like to block incoming traffic from a specific ip on a specific port
This is what I have
source: interface: wan ip address range: 5.xxx.xxx.226 - second one is empty (valid ip instead of x's) protocol: tcp
dest: interface: lan ip address range: both fields empty port range: 139 - empty field
ON and DENY box is ticked name field has some text in it
I click save and get this pop-up: Incorrect source ip address. Invalid format of the start IP address. Current Firmware Version : 2.11 The ip is obviously valid, what should I do?
Cisco :: Block Internet Traffic On The PC Using ASA5501 Firewall?
Jul 7, 2011Is it possible to block internet traffic on the PC using ASA5501 firewall which is used in transperent mode.The DHCP pc is working fine we just need to pass through ASA to block the internet on the pc however intranet should be available.
View 3 Replies View RelatedCisco Switching/Routing :: 6509 ACL Block TCP Traffic One Way
Jul 14, 2010Got servers in vlan 10 ip range 10.0.0.0 and servers in vlan 20 ip range 20.0.0.0 at the same layer 3 switch. (c6509 sup720)I would like to block TCP traffic initiated from Vlan 20 to Vlan 10. But the servers in Vlan 10 needs to be able to open an TCP connections to Vlan 20 did test with the ACL thats blocking (ack/established/syn) but unable to get it to work.Or it works both directions or is works non directions.
View 4 Replies View RelatedCisco VPN :: Block Unsolicited Inbound Traffic Through L2L On ASA5505
Apr 6, 2013I have a working L2L between two locations. Location A and Location B.
Location A: 172.16.16.0/24
Location B: 192.168.0.0/24
I would like to block anything inbound to Location A from Location B that isn't initiated from Location A. The block should be done on the ASA5505 at Location A. Location B uses an ISR G2 router. i.e. Location A can start an SSH session to a server in Location B Location B cannot start an SSH session to a server in Location. .
I tried using a VPN filter on the ASA5505 but it isn't stateful, I cannot pass any traffic when using it.
Config on my ASA:
access-list vpn-traffic extended permit ip 172.16.16.0 255.255.255.0 192.168.0.0 255.255.255.0
access-list block-vpn-to-local extended deny ip 192.168.0.0 255.255.255.0 172.16.16.0
[Code]....
I also have an AnyConnect VPN setup for the ASA5505 and it is running 8.2(5).
Cisco Firewall :: ASA 5520 Cannot Block Incoming Traffic
Dec 12, 2012I was configure 3 interface on ASA1st - managemetn (only for management)2nd - gig0/0 is connected to internet with real IP3rd - gig0/1 is connected to local networkI was configure routed NAT to internet.But I have problem with restriction incomming traffic to inside interface (ifname is inside)but I can connect to ip address of inside interface from other ip. It is wrong and i can't understand where is my mistake.
View 2 Replies View RelatedCisco Switching/Routing :: Block LAN To LAN Traffic On 2960
Apr 16, 2013Is there a way to block lan to lan traffic (except lan to gateway/gateway to lan traffic of course) on a Cisco 2960?
View 9 Replies View RelatedCisco WAN :: Custom Settings For NBAR V6 To Block Most P2P Traffic?
Jul 11, 2011Any comprehensive list of custom settings for NBAR V6 that will block most P2P traffic. The built in list seems incomplete. Either that or a way to better block P2P traffic at the router level.
View 1 Replies View RelatedBlock All Internet Traffic On One Network Computer?
Jul 5, 2011I have a computer on my network I would like to use for media streaming. I would like to block all incoming/outgoing internet traffic and keep all network traffic on this computer local. Is this even possible? Can I also easily restore it if necessary? The computer is running Windows 7.
View 4 Replies View RelatedD-Link DIR-825 :: Block Inbound Traffic From A Specific IP?
Oct 5, 2011How to configure the 825 to block inbound traffic from a specific internet IP address ?i noticed an IP and MAC that i don't recognize that is listed as a connection to my NAS's media server ...i blocked it in the NAS configuration page, but i don't want any unsolicited traffic into my network.
View 3 Replies View RelatedCisco Firewall :: ASA5510 / Block HTTPS Traffic In CSC Module?
Dec 15, 2011I am having an ASA5510 with a CSC-SSM-10 module. I am able to block http traffic through the ASA but cannot block https traffic through it. Need to block https traffic using the CSC module.
View 19 Replies View RelatedCisco :: 5508 WLC / Block Guest MDNS Traffic On Business LAN?
Jun 19, 2012For my company, I am running a Cisco 5508 WLC with a 4400 WLC as a guest anchor in our DMZ. There is a guest SSID and several business SSID's for internal equipment. Guest traffic should be tunneled out to the 4400 controller where [the client] gets its IP address and is sent out to the internet. No internal corporate access is possible. However, when I do a packet capture from my wired PC, I'm seeing traffic generated by different iPhones. It appears to be mostly IPv6 mDNS or ICMPv6 traffic. How would this traffic make it onto the corporate wired network, when it should be staying on the guest network? None of the iPhones have been setup on the business SSIDs, so I know it isn't legit traffic. Is there a setting in the WLC that will block this? Will an ACL work?
These are examples of some of the traffic that wireshark is capturing:
349 7.794875 fe80::e77:1aff:fe3c:f81 ff02::fb MDNS 253 Standard query response PTR, cache flush Tonyas-iPhone-2.local PTR, cache flush Tonyas-iPhone-2.local
356 7.802667 fe80::e77:1aff:fe3c:f81 ff02::fb MDNS 151 Standard query ANY Tonyas-iPhone-2.local, "QU" question ANY Tonyas-iPhone-2.local, "QU" question
361 7.806964 fe80::e77:1aff:fe3c:f81 ff02::fb MDNS 151 Standard query ANY Tonyas-iPhone-2.local, "QM" question ANY Tonyas-iPhone-2.local, "QM" question
Both controllers are running software version 6.0.196.0. I also have a WCS server running version 7.0.220.
Cisco WAN :: 2960 / Block Traffic Under Two VLANs - Unidirectional Or Bidirectional
Aug 22, 2012I have a Ciso L3 switch with 4 VLANs and all host computer connected to rest of 8 cisco 2960 switch's:
VLAN 1 : 192.168.1.0/24
VLAN 10: 192.168.10.0/24
VLAN 20: 192.168.20.0/24
VLAN 50: 192.168.30.0/24
There are list of my some Questions about Extended ACL serialwise :
1. For Restrict traffic from VLAN 10 to VLAN 20, I am using only one ACL is : Access-list 100 deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255.\ What will happen in this scenerio if we talk about traffic from VLAN 20 to VLAN 10. Will it communicate or not ???
2. How to Block the traffic from VLAN 10 to VLAN 20 but allow the traffic from VLAN 20 to VLAN 10 ?
Security / Firewalls - Traffic Block Warning On VPN Connection?
Jan 21, 2012On connecting VPN, i am getting this warning: Enabling VPN connection will block all traffic that doesn't get sent to this peer. After Yes, it stops all browsing. I want to access internet plus vpn connection.
View 4 Replies View RelatedCisco Switching/Routing :: 2911 / Block All Traffic But Allow One Way Data Transfer?
Feb 5, 2013I am trying to connect a Control network that can not have access to the Internet, or any other network for that matter, to my Admin network so that I can retrieve trend data about the plant that goes into a database. Right now the process is print information, hand jam into excel spreadsheet, print again, and hand jam into another excel spreadsheet on the other network. Reports are printed automatically once a day, but would like a simplified way of getting data from one network to the other without having to re-enter data several times. Current policies stipulate no USB drives connected to Control systems. Even if we could loosen that, personnel needed to transfer data is not available and going to each individual machine would take more time than current system.Now that background is laid, I have two 2911 ISR routers with EIGRP configured, each with a 4 port EHWIC card. The 3 L3 ports on the router are setup as follows: interface G0/1 to the internet, interface G0/2 to a wireless back haul, and interface G0/0 for IT network. I then have 3 VLANs setup on the EHWICs for our Admin network. We will move the IT network to a VLAN on the remaining EHWIC port and connect the two 2911's through the G0/0 interface. I am going to have one computer on my Administration network dedicated to receiving the information and have a program that will take that data and import it to a database. I need to allow only that computer to receive traffic from the Control network and I need no traffic to flow back into the Control network. In other words I will transmit data from the control network to the admin computer using one protocol (TFTP more than likely) and block any other traffic coming out of and going into the Control network.
View 1 Replies View RelatedCisco Wireless :: How To Block P2P Traffic Of Clients Connected To Same SSID On WLC 4400
Feb 2, 2010I use two wlc 4400 (4.2.x version) with a mobility domain and one ssid, both wlc are connected to a cisco l2 switch infrastructure. On the wlc I use the p2p blocking action 'drop' [URL] to isolate the clients from each other. Does only unicast traffic is blocked or also multicast and broadcast traffic like arp requests?Concerning blocking p2p traffic of clients connected to the same ssid but different controllers I found the following statement in the LAP FAQs [URL]
Q. In autonomous APs, Public Secure Packet Forwarding (PSPF) is used to avoid client devices associated to this AP from inadvertently sharing files with other client devices on the wireless network. Is there any equivalent feature in Lightweight APs?
A. The feature or the mode that performs the similar function of PSPF in lightweight architecture is called peer-to-peer blocking mode. Peer-to-peer blocking mode is actually available with the controllers that manage the LAP. If this mode is disabled on the controller (which is the default setting), it allows the wireless clients to communicate with each other through the controller. If the mode is enabled, it blocks the communication between clients through the controller. It only works among the APs that have joined to the same controller. When enabled, this mode does not block wireless clients terminated on one controller from the ability to get to wireless clients terminated on a different controller, even in the same mobility group.
what's the best practise to prevent this inter wlc client traffic? I already read about using acls on the wlc dynamic interfaces, or private vlans on the l2 switch vlans where the dynamic interfaces are connected to. Is it allowed to completely isolate the wlc from each other on these dynamic interfaces with acls or private vlans or do the wlc need to see each other on this interfaces (e.g. heart beat)?
How Does Firewall Block Or Filter Traffic On Specific Port Or IP Address
Nov 15, 2011How does a firewall block or filter traffic on a specific port or IP address?
View 1 Replies View RelatedLinksys Wired Router :: RVL200 Block Specific LAN / LAN Traffic
Jul 25, 2011if the firewall rules in the RVL200 work for inter LAN routing as well as LAN<->WAN? I need 2 separate networks in a house, 1 for business 1 for family, and I want to only allow my IP on network 1 (family net,10.0.0.0/24) access to network 2 (business net 10.0.1.0/24). I want this as if I change rooms were a access point for business is not available I can use the home net and specific IP to access certain business net IPs. I saw you can turn inter vlan routing on or off, but it wasn't clear on firewall rules.know of a similar router in cost but with gige instead of 100Mb ports?
View 1 Replies View RelatedD-Link DIR-600 :: Block Incoming Traffic / How To Create Rule Source
Jun 23, 2011I need to block incoming traffic with Dlink DIR 600. I know how to create the rule source (WAN) to destination (LAN) to deny all protocols. But what IP will I put in WAN? IP address of my Internet? Or how can I enter the ALL IP range in source...format for the IP (it's not 0.0.0.0).
I want to do this because in the DIR log section I'm being PING Flooded. I already un-check "Enable WAN Ping Response" but still receiving the message.
Cisco Firewall :: ASA 5520 To Block Https Traffic But Users Are Able To Open Website
Jul 1, 2011We have ASA 5520 with CSC-SSM 20 and we want to block https traffic but when we are blocking https traffic http traffic going to block but user are able to open website.
View 1 Replies View RelatedCisco Firewall :: ASA 5505 / Block Internal LAN And Internet Traffic Except LogMeIn Site?
Sep 12, 2011I have configure Cisco 5505 as layer 2 firewall mode. I have vendor machine connected to Cisco ASA 5505 on port 2 as VLAN2 inside then VLAN1 outside connected to my internal network on layer 2 cisco 2960 switch. This machine needs access only to LOGMEIN then block all internal/internet traffic.
vendor machine on vlan 2 inside >> Cisco ASA 5505 vlan1 outside >> layer2 switch >> internal LAN >> Cisco 5520 main FW >>> INTERNET
Cisco Switching/Routing :: Block Traffic Between Two Vlans On Cat3560C - Internet Access?
Aug 3, 2012I have a Cisco C3560CG which is running C3560c405ex-UNIVERSALK9-M), Version 12.2(55)EX2.The switch has vlan 1 and vlan 50 configured, vlan 50 should have access to a limited number of host in vlan 1.The following acl has been applied on the inbound to vlan 50:
10 permit tcp 10.16.30.0 0.0.0.255 host 192.168.15.243 eq 137 138 139 445
20 permit udp 10.16.30.0 0.0.0.255 host 192.168.15.243 eq netbios-ns netbios-dgm netbios-ss 445
25 permit icmp 10.16.30.0 0.0.0.255 host 192.168.1.243
26 permit ip 10.16.30.0 0.0.0.255 host 10.16.30.254
30 permit ip 10.16.30.0 0.0.0.255 host 192.168.15.254
[code]....
I sure the above would work, but for some reason some of the packet counter are not incrementing but the traffic is being blocked. But I would like to see the counter increment.Also I have that I may beed to use VACL wouls this be the case?
Cisco Switching/Routing :: Block / Permit Intra Vlan Traffic On 3750
Feb 21, 2013I have One switch 3750 and many switch 2960 c.I use one ASA 5510 to reach emote branche site (vpn conexion).I use one router 1841 for internet conexion.Router 1841, ASA and catalyst 2960 are connected on the 3750.Default gateway of all user is ASA IP
I configured Vlan 3750 and it work.Now I need to implement security : permit/block specific traffic between vlan [code] From vlan 72 I cannot have remote access on computer in vlan 34 and I cannot ping computer in vlan 34.
Cisco Firewall :: Access-List Traffic Control Attempting To Block RDP 3389
Nov 7, 2012I have an ASA pair configured to replace a router that hosts a collection of IPSec Tunnels. Tunnels appear to work. I am lab'ing some additional controls that I would like to implement. On the Production Router that i plan to replace with the ASA's the current Tunnels are all wide open (all traffic allowed to pass). I was hoping to lock things down a little without having to reconfigure all of the Tunnels. My though was that an ACL on the Inside Interface blocking selected traffic Out (so into the LAN) should not impact the stability of the Tunnels but allow me to restrict some traffic from entering the LAN. One port that I was attempting to block is RDP 3389. When this ACL is applied to the inside interface it does not block Port 3389 at all. What am I missing? Is it that the trffic is being allowed because it is coming through one of my 'open' Tunnels?
Shouldn't IPSec Tunnel traffic be processed by the Inside Interface ACL just like all other traffic?
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 3389
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 135
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 137
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 138
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 139
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 445
access-list 145 deny tcp 192.168.30.0 0.0.0.255 10.187.10.0 0.0.0.255 eq 389
access-list 145 permit ip any any
ip access-group 145 out interface Internal
This work great on a 2821 Router, but not so much on the ASA.
Cisco Switching/Routing :: 6509 - Block All FTP Traffic On Port 21 From Servers In Network
Oct 3, 2012I am attempting to block all FTP traffic on port 21 from the servers in my network, and only allow FTP from one server to go out.
I have created the following ACL
access-list 101 Permit ip any any
access-list 101 Permit 21 1.1.1.1 0.0.0.0 any
access-list 101 Deny 21 any any
and have applied it to my truck VPN that goes up to my firewall
int Vlanxxx
ip access-group 101 out
But when i test ftp is still allowed by all servers.
Linksys Wireless Router :: E2500 Block Outbound And Inbound Traffic On TCP 5222 / 5223
Oct 23, 2012I am trying to block outbound and inbound traffic on TCP 5222 and 5223 on E2500 but cannot figure out how. The reason is I have kids in my house using KiK (texting app) on iPads, iPods etc. My goal is to eliminate this applications ability to function for ANY wireless device connected to my WLAN.
View 1 Replies View RelatedLinksys Wireless Router :: E4200 Block Traffic At Certain Times Uses Both Parental Controls / Internet Access Polices
Oct 21, 2011I have configured my e4200 to block traffic at certian times uses both the Parental Controls and the Intenet Access Polices. Neither one seems to work though. [code] I have the same MAC addresses specified in each rule. Initally I had only the first two rules. Those didn't work, so I added rule 3 and 4 (they do the same thing as rules 1 and 2 but from the opposite direction). There are no compliaints, but they don't stop any traffic.
I started with the Parental Controls, they didn't work either. The page in there that lets you pick which machines you want to block seemed next to worthless. I have about four rows listed as "Network Device." REALLY LAME! As the MAC addresses are accesible and these weren't working I went to the IAP.