On 18/02/2015 16:53, Chuck Church wrote: > That will technically accomplish the requested goal. There may be a bunch > of side effects though.
yes, it will block all https. This is what happens when you try to block a VPN system which was explicitly designed to be difficult to block. The real answer to the question is that this application cannot be blocked with an ASA. The OP will need to buy very expensive DPI hardware to guess what sort of port 443 traffic is https and what sort is VPN traffic. Nick _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
