Yes i cannot block all https port it will be Catastrophic in my network is there another solution's from asa ??
On Wed, Feb 18, 2015 at 7:06 PM, Nick Hilliard <[email protected]> wrote: > On 18/02/2015 16:53, Chuck Church wrote: > > That will technically accomplish the requested goal. There may be a > bunch > > of side effects though. > > yes, it will block all https. This is what happens when you try to block a > VPN system which was explicitly designed to be difficult to block. > > The real answer to the question is that this application cannot be blocked > with an ASA. The OP will need to buy very expensive DPI hardware to guess > what sort of port 443 traffic is https and what sort is VPN traffic. > > Nick > > > _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
