You Are Here: Home » Router » -Router Cisco » How to block skype

How to block skype

On April 4th 2006, Cisco released IOS version 12.4 (4) T. Cisco introduced much awaited Skype classification in NBAR . So now with simple policy you can block skype. Skype can be blocked in a similar way as we use to block kazza,limewire and other p2p applications.

Example:-

 

NBAR configuration to drop Skype packets

class‚ąímap match‚ąíany p2p
match protocol skype

policy‚ąímap block‚ąíp2p
class p2p
drop

int FastEthernet0
description PIX‚ąífacing interface
service‚ąípolicy input block‚ąíp2p

If you are unsure about the bandwidth eating applications being used in your organisation. you can access the interface connected to the Internet and configure following command

ip nbar protocol-discovery.

This will enable nbar discovery on your router.

Use following command:- 

show ip nbar protocol-discovery stats bit-rate top-n 10

it will show you top 10 bandwidth eating applications being used by the users. Now you will be able to block/restrict traffic with appropriate QoS policy.

we can also use ip nbar port-map command to look for the protocol or protocol name, using a port number or numbers other than the well-known Internet Assigned Numbers Authority (IANA)-assigned) port numbers.

Usage as per cisco:-
ip nbar port-map protocol-name [tcp | udp] port-number

Up to 16 ports can be specified with this command. Port number values can range from 0 to 65535

About The Author

harrychanputra.web.id

Number of Entries : 295

Leave a Comment

© 2011 Powered By Wordpress, Goodnews Theme By Geeks Docuementation

Scroll to top