Question

Locked

How do I block streaming media on a Cisco 2811 Router?

By 10TIL4 ·
Ok, so I took over a small network, with very limited bandwidth. Streaming media of any kind, except for Skype, devastates the network.

How do I block all streaming completely? So far, I researched, and setup the router to drop RTSP (Real Time Streaming Protocol) packets, but I can still stream media from a couple sites. Vimeo.com is an example.

I read that there are other protocols for streaming as well... PNM, MMS, and others, but the router would not accept those inputs. Would only recognize RTSP. So how do I block the rest?

Again, it's a Cisco 2800 Series Router. Thanks.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

You can block the sites for one.

by Peconet Tietokoneet In reply to How do I block streaming ...

You will need to look at your manual that you get from Cisco or go to a Cisco website and read up on it more.

Collapse -

Reponse To Answer

by 10TIL4 In reply to You can block the sites f ...

Well, I don't know all of the sites off the top of my head. So I'm trying to just block the ability to stream media completely. Unfortunately, in using this method, the router only blocks the RTSP protocol. This I found by looking on the Cisco site.

So I've setup the router to deny the streaming ports, but can't block http-based streaming. Doing this would knock out internet all together.

Collapse -

Take a look

by NetMan1958 In reply to How do I block streaming ...

at this article for some ideas:
http://ardenpackeer.com/qos-voip/tutorial-how-to-use-cisco-mqc-nbar-to-filter-websites-like-youtube/

Collapse -

Reponse To Answer

by 10TIL4 In reply to Take a look

Sorry, I should have been more clear... What I meant by saying "the router only blocks the RTSP protocol..." was when I used NBAR, as you suggested. No other streaming protocol is supported by this router, when using this method. The only protocol I can specify, that it recognizes is RTSP.

So, as an alternative, I blocked the ports used by the different protocols. This works, however, I cannot block HTTP-based streaming directly, because that would take out the internet connection altogether.

Is there another alternative? I'm looking at seeing if my organization will approve the purchase of firewall hardware.

Collapse -

Just to be sure

by NetMan1958 In reply to How do I block streaming ...

When you create a calss-map and go to the "match protocol" clause, it doesn't offer "http" like shown below:
Router(config)#class-map match-any INTERNET-SCUM
Router(config-cmap)#match protocol ?
gnutella Gnutella Version2 Traffic - BearShare, Shareeza, Morpheus ...
gopher Gopher
gre Generic Routing Encapsulation
h323 H323 Protocol
http World Wide Web traffic <----------------------
?

If not, what version is your IOS ?

Back to Networks Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums