[c-nsp] CBAC - SIP & MSN Messenger
Paul Stewart
pstewart at nexicomgroup.net
Thu Aug 18 08:43:20 EDT 2005
Wow... Read that stuff over and over and never noticed.... Thanks so
much for clarifying...
It's looks like our best bet to block MSN Messenger traffic on a 3640 is
to block by IP destinations and prevent the user from logging in. The
other option I suppose is to use WCCP to a linux box with Squid and
filter it out that way from port 80.
Does anyone on this list have a pre-established list of IP's to block
for MSN Messenger without me having to do trial and error? When I do a
google search I get a lot of conflicting stories on which ranges do
what...
Thanks again,
Paul
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Per Carlson
Sent: Thursday, August 18, 2005 4:44 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] CBAC - SIP & MSN Messenger
On Wed, Aug 17, 2005 at 10:32:25PM -0400, Paul Stewart wrote:
> I actually have a TAC case open on this issue but not getting very
far.
> They pointed me to that whitepaper which I had already read and told
> the guy at Cisco that is just simple doesn't work.... So why? No
> answer yet....
hi paul.
if you read the white paper and studies the 'port-misuse' command a bit
more closely, you will notice that the only instant messaging
application supported in 12.3(14)t is yahoo! messenger.
port-misuse command description:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft
/123t/123t_14/gt_fwapc.htm#wp1069649
if someone more than i had problems accessing the white paper, removing
"/partner" from the url does the trick.
so, probably tac is a bit misinformed as well :-| you can always file a
feature request, and hope it will get implemented before 12.5 ;-)
--
Regards, Per Carlson
Mosher's Law of Software Engineering:
"Don't worry if it doesn't work right. If everything did, you'd be out
of a job."
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list