We have Cisco controllers that are going to be using forward-upstream to pass
traffic to a layer 3 switch.
From there the next hop of some wireless traffic will be set to an outside
looking interface on the firewall using policy based routing.
On the firewall we then can control the traffic.
Guest
Thanks Bruce and Jeremy,
Looks like blocking P2P is going to block some vital applications. I will think
about VLAN ACLs (VACLs) rather, and block certain ports (for instance SMB
TCP/445) and not all traffic.
-
Cheers,
Kind regards,
Tariq Adnan | Senior Network Engineer
ICT, Campus Network
We block broadcast/multicast for other reasons, but don't block P2P between
wireless clients. Services like Google Hangouts will try to do a direct
connection when possible (facilitated by the server, so don't need local
discovery). They'll fall back to via a server if necessary, but there are
I do not know if you have Cisco Wi-Fi phones (7821, 7925) or use Cisco
softphones, but they use peer to peer connections for calls after the initial
Call Manager setup.
Microsoft Lync / Skype for Business uses peer to peer for calls on your local
network rather than have both parties use an