Cisco 2911/K9 Block P2P / Torrent

Dear Experts,
We currently have a Cisco 2911/K9 router and I feel there's a chunk of people who are eating up our bandwidth.
I am no expert in this area, but I have searched endlessly and haven't been able to find much information on how to resolve this issue on this router or if it is even possible.
Could someone shed some light onto this? Is it possible with this current router and no extra hardware (maybe extra software) to somehow monitor/block/de-prioritize the P2P/Torrent users?
Thank you!
Kind regards,
PIU

Without any additional license or equipment, that's very hard to achieve.
The best way to solve that problem is to use an ASA-NGFW instead of the IOS-router.
If you have to stick with the router you could use Cisco Web Security (CWS) formaly known as Scansafe. But that needs also an additional license.
With only the router you could try some dirty hacks. For example you can deny all unwanted IPs (that of Facebook, Youtube ...) in an ACL. But that is very hard to manage. Or you could control the DNS-communication in a way that your DNS-server return an internal IP of your own webserver for all the unwanted domains.
But all in all, you are using the wrong tool for that problem.

Similar Messages

Blocking Bit-Torrent and other P2P softwares

Hello Dear All
I need to block All P2P Activity (ASA 5525) from VPN Users (outside), I tried some access lists, but they didn't take any action.
could you please assist me the access lists/policy-maps that you have done before and its working.
As you see output of service-policy there are matching but there is no any packet dropped.
Output :
ASA# sh service-policy global inspect http
Global policy:
Service-policy: global_policy
    Class-map: inspection_default
      Inspect: http Drop-P2P, packet 942279, lock fail 0, drop 0, reset-drop 0, v6-fail-close 0
        protocol violations
          log, packet 123
        match request header user-agent regex _default_gator
          drop-connection log, packet 0
        match response header regex _default_x-kazaa-network count gt 0
          drop-connection log, packet 0
        class bit-torrent-tracker
          drop-connection log, packet 0
ASA# sh service-policy global inspect http
Global policy:
Service-policy: global_policy
    Class-map: inspection_default
      Inspect: http Drop-P2P, packet 980730, lock fail 0, drop 0, reset-drop 0, v6-fail-close 0
        protocol violations
          log, packet 131
        match request header user-agent regex _default_gator
          drop-connection log, packet 0
        match response header regex _default_x-kazaa-network count gt 0
          drop-connection log, packet 0
        class bit-torrent-tracker
          drop-connection log, packet 0
Thank You

Hi Ali,
Your VPN users connects through internet and get internet access from the ASA connected internet link??? There you want to block the bit torrent and P2P?? Please describe your setup....
Also provide your configurations that is related to P2P & Bit Torrent blocking
Remember one thing.
The ASA can block P2P type applications only if P2P traffic is being tunneled through HTTP. Also, ASA can drop P2P traffic if it is tunneled through HTTP. If that is already been proxied then its not poosible for asa to block such traffic.
http://www.giac.org/paper/gsec/3123/peer-to-peer-p2p-file-sharing-applications-threat-corporate-environment/103882
Regards
Karthik

How to block p2p applications(Bittorent like) with AIP-SSM-10?

Hi,
How to block p2p application using AIP-SSM-10 working with ASA5520?AIP is on promiscuous mode.
Thanks,
Siva

There are several signatures that detect p2p, for bit torrent there is 11020.0
Yahoo triggers: 5539.0, 11200.0, 11212.0, 11217.0 & 11219.0
etc..
Some are disabled by default though so please ensure you enable the ones that you need.
If you want to block these then you will have to use event actions that work in promiscuous setup for example request block connection and tcp reset. Please note that care must be taken when using these event actions.
For more information about the event actions please refer the link below:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/idmguide/dmevtrul.htm#wp1069467

Block P2P software using ASA-AIP-SSM-20 module

Hello,
I have got a question about blocking P2P traffic on ASA AIP module. I have searched the forums and all I could find were solutions using regex, port block, MPF, but no AIP implementation example.
Could anyone point me in the right direction please ?
Many thanks,
Martin

Hello Paps,
Many thanks for your reply. I was searching the web like crazy for some solutions using IPS and it never occured to me that I could just simply look for the signature files on Cisco website.
Thank you very much again
With regards,
Martin

Effectively blocking Bit Torrent

I am using BackTrack 5 to help monitor Bit Torrent since I have been completely ineffective in blocking it via my Cisco 5505 Firewall. I have now seen several outbound TCP connections with the connection being to my firewall's IP address. I am a rookie when it comes to using Cisco's rather clunky interface and am struggling with this. I am a software developer with very few networking skills in a company of 5! Can anyone help with the proper way to block bit torrent downloads on my Cisco asa 5505 or tell me why my BackTrack system is telling me that the firewall is connecting to the pirate bay?
Thanks in advance for any help you can give me!

It would help if you provided a white-washed network diagram to see where the BackTrack software is installed, listening to traffic. Now if I were a betting person, I would lay good odds that the address BackTrack sees is the same NAT IP used for traffic to go to Internet and BackTrack is listening to traffic after it exits the ASA.
One of the things I have to be beneficial on many levels is implementing a software which uses netflow to track traffic, Scrutinizer for instance. You have all interfaces on the ASA monitored and create filters to look into almost anything crossing the ASA. (Not to plug Scrutinizer, just found it to be the best.)
Another benefit is to use it to see what applications, users, etc are eating traffic. I found a company which released new code to their web servers that did not compress pdf's after being generated, part of new code. As a result we saw a significant portion of the network traffic increase, almost double, and would not have found the culprit had it not been for netflow.

Want to block P2P application using ASA5540

I want to block P2P application & IM using ASA with IPS built-in. I dont wanna use the ACL for all the ports because most of the P2P application using dynamic ports.

Aamir,
You can do this using the application layer inspection on the firewall.
Please take a look at the configuration guide given below.
http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/conf_gd/firewall/inspect.htm#wp1479354
Rate this post, if it helps.
Cheers
Gilbert

Howto block p2p traffic of clients connected to the same ssid on different wlc

Hi all,
I use two wlc 4400 (4.2.x version) with a mobility domain and one ssid, both wlc are connected to a cisco l2 switch infrastructure. On the wlc I use the p2p blocking action 'drop' (http://www.cisco.com/en/US/docs/wireless/controller/5.2/configuration/guide/c52wlan.html#wp1209597) to isolate the clients from each other. Does anybody know if only unicast traffic is blocked or also multicast and broadcast traffic like arp requests?
Concerning blocking p2p traffic of clients connected to the same ssid but different controllers I found the following statement in the LAP FAQs (http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a00806a4da3.shtml):
===
Q. In autonomous APs, Public Secure Packet Forwarding (PSPF) is used to avoid client devices associated to this AP from inadvertently sharing files with other client devices on the wireless network. Is there any equivalent feature in Lightweight APs?
A. The feature or the mode that performs the similar function of PSPF in lightweight architecture is called peer-to-peer blocking mode. Peer-to-peer blocking mode is actually available with the controllers that manage the LAP. If this mode is disabled on the controller (which is the default setting), it allows the wireless clients to communicate with each other through the controller. If the mode is enabled, it blocks the communication between clients through the controller. It only works among the APs that have joined to the same controller. When enabled, this mode does not block wireless clients terminated on one controller from the ability to get to wireless clients terminated on a different controller, even in the same mobility group.
===
Does anybody know what's the best practise to prevent this inter wlc client traffic? I already read about using acls on the wlc dynamic interfaces, or private vlans on the l2 switch vlans where the dynamic interfaces are connected to. Is it allowed to completely isolate the wlc from each other on these dynamic interfaces with acls or private vlans or do the wlc need to see each other on this interfaces (e.g. heart beat)?
Many thanks in advance,
Thorsten

Hi Sasha,Thorsten
The bug is Junked and I believe which is what you are running into with your tests:
CSCtr60787 WLC P2P Blocking Set to Forward-UpStream Doesn't Work.
Bugtoolkit : http://tools.cisco.com/Support/BugToolKit/action.do?hdnAction=searchBugs
To answer your original query :
ACL is only solution to block client communication on same ssid between 2 wlcs. 5508 works better with ACLs then 44xx platform.
ARP requests will be forwarded to upstream router just like any other traffic. WLC won't proxy arp for clients on same vlan.
Gateway arp's I believe should be handled by WLC . ( Don't quote me on this but I am pretty sure it is ) ..If it was not, then how would client know about gw ?
Multicast traffic is not applicable for p2p.
Your ACL can be as simple as this for the scenario :
WLC 1 - clientvlan = 10
WLC 2 - clientvlan = 10
and you want to restrict users from wlc1-wlc1, wlc1-wlc2, wlc2-wlc2 for same vlan10.
Basically in that case the ACL should look like on both WLCs :
1. Permit statement to talk to gateway.
2. Deny to subnet.
3. Permit all.
4. If DHCP/DNS other services are on same subnet then you would need to add a permit
statement before the deny.
5. Attach the ACL to SSID or dymanic interface.
Thanks..Salil
CSCtr60787 WLC P2P Blocking Set to Forward-UpStream Doesn't Work.

Blocking p2p on router 877

Hi,
Can anyone suggest how can I effectively block p2p traffic like Ares, Limewire or other with Cisco IOS 12.4(6) or higher? I tried NBAR but I guess there is no PDLM available for Ares for instance.
Many thanks for any suggestions.
Remi

Hi,
to block p2p traffic you need to block all ports except these you really need.
For example block all ports except http, https, smtp, pop3, dns.
Becouse some of the p2p applications use port 80 to connect there is an options in firewall(classic or Zone-Based Policy Firewall) called protocol-violation and port-missue!
This options prevent non-HTTP traffic over port 80.
For Zone-Based Firewall reffer to this link:
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00808bc994.shtml

Blocking p2p application traffic and tunneling

I need help ........
We have taken two ASA with AIP card, and have configured Active/Active , but user are using p2p and tunneling softwares . how can we block p2p and tunneling traffic ..
plz anyone reply me..........
regards

If you are using Firewall software 12.4(9)T and above, it has integrated policies to block or rate limit p2p application traffic using dynamically updateable application
definitions for newer p2p applications. KaZaA, Gnutella, BitTorrent, and eDonkey are currently supported.
You may also see this: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00801e419a.shtml

CME B-ACD on Cisco 2911 with IOS 15.2(4)M5 not working

Hi Folks,
I am currently setting up CME version 9.1 with B-ACD (app-b-acd-aa-3.0.0.2.tcl & app-b-acd-3.0.0.2.tcl), running on
Cisco 2911 with IOS ver 15.2(4)M5, this is for lab purposes.
Below is my CME & B-ACD configuration :
voice service voip
ip address trusted list
ipv4 0.0.0.0 0.0.0.0
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
h323
h225 listen-port 1820
no call service stop
sip
bind control source-interface Vlan400
bind media source-interface Vlan400
registrar server expires max 600 min 60
voice register global
mode cme
source-address 172.25.202.1 port 5060
max-dn 2
max-pool 2
load 9971 sip9971.9-2-2SR1-9
authenticate register
timezone 28
time-format 24
date-format D/M/Y
tftp-path flash:
create profile sync 0004714411607756
voice register dn 1
number 3005
name br2phn2
voice register dn 2
number 3006
name br2phn4
voice register template 1
dialplan 1
voice register dialplan 1
type 7940-7960-others
pattern 1 3...
pattern 2 999
voice register pool 1
id mac 1C1D.86C4.0D6D
type 9971
number 1 dn 1
template 1
dtmf-relay rtp-nte
username 3005 password cisco
description 3214-3005
codec g711ulaw
voice register pool 2
id mac 1C1D.86C4.A574
type 9971
number 1 dn 2
template 1
dtmf-relay rtp-nte
username 3006 password cisco
description 3214-3006
codec g711ulaw
voice hunt-group 1 parallel
list 3002,3006
pilot 3210
application
service aa flash:/app-b-acd-aa-3.0.0.2.tcl
paramspace english index 1
param number-of-hunt-grps 2
param handoff-string aa
paramspace english language en
param max-time-vm-retry 2
param aa-pilot 3500
paramspace english location flash://
param second-greeting-time 60
param welcome-prompt _bacd_welcome.au
param call-retry-timer 15
param voice-mail 3001
param max-time-call-retry 90
param service-name queue
service aa-drop flash:/app-b-acd-aa-3.0.0.2.tcl
paramspace english index 1
param service-name queue
param drop-through-option 2
param second-greeting-time 60
paramspace english language en
param max-time-vm-retry 2
param max-time-call-retry 90
param voice-mail 3001
paramspace english location flash://
param aa-pilot 3501
param number-of-hunt-grps 1
param handoff-string aa-drop
param call-retry-timer 15
service queue flash:/app-b-acd-3.0.0.2.tcl
param queue-len 15
param aa-hunt10 3006
param queue-manager-debugs 1
param number-of-hunt-grps 2
param aa-hunt2 3210
interface Loopback0
ip address 172.25.110.3 255.255.255.255
ip ospf network point-to-point
h323-gateway voip interface
h323-gateway voip id Spain ipaddr 172.25.110.1 1719
h323-gateway voip h323-id BR2-RTR
h323-gateway voip tech-prefix 1#
h323-gateway voip bind srcaddr 172.25.110.3
interface Vlan400
ip address 172.25.202.1 255.255.255.0
ip pim dense-mode
dial-peer voice 3500 voip
service aa
destination-pattern 3500
session target ipv4:172.25.110.3
incoming called-number 3500
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
dial-peer voice 3501 voip
service aa-drop
destination-pattern 3501
session target ipv4:172.25.110.3
incoming called-number 3501
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
telephony-service
no auto-reg-ephone
max-ephones 2
max-dn 2 no-reg both
ip source-address 172.25.110.3 port 2000
cnf-file location flash:
load 7965 term65.default.loads
time-zone 28
time-format 24
date-format dd-mm-yy
max-conferences 8 gain -6
moh "music-on-hold.au"
web admin system name admin password cisco
dn-webedit
transfer-system full-consult
create cnf-files version-stamp 7960 Feb 14 2014 05:54:44
ephone-template 1
softkeys connected Endcall Hold Park Trnsfer Acct Flash
ephone-dn 1 octo-line
number 3001 no-reg both
description 3214-3001
name br2phn1
ephone-dn 2 octo-line
number 3002 no-reg both
description 3214-3002
name br2phn3
ephone 1
device-security-mode none
mac-address 189C.5DB6.D303
ephone-template 1
max-calls-per-button 5
busy-trigger-per-button 3
type 7965
button 1:1
ephone 2
device-security-mode none
description 3214-3002
mac-address 984B.E194.FDDD
ephone-template 1
max-calls-per-button 5
busy-trigger-per-button 3
type 7960
button 1:2
Problem :
1. When I test call from CME Phone both SIP and SCCP Phone by dial 3500 or 3501, I get the busy tone.
2. Debug voip dial-peer, match with dial-peer voice 3500 for (aa service) & 3501 for (aa-drop service).
3. Debug voice application script, show nothing.
Is there something wrong with my configuration ?
Rgds
Novri

Hi Novriadi,
In your configuration
service aa flash:/app-b-acd-aa-3.0.0.2.tcl
service queue flash:/app-b-acd-3.0.0.2.tcl
paramspace english location flash://
Remove "/" and "//" from the configuration
Then use the call application voice load command in privileged EXEC mode to reload the scripts.
Router# call application voice load aa
Router# call application voice load queue
Router# call application voice load aa-drop
You can refer to following document as well for more info
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucme/bacd/configuration/guide/cme40tcl/40bacd.html#wp1018270
Please find the sample configuration that is required to configure b-acd in CME for reference.
telephony-service
moh music-on-hold.au
multicast moh 239.1.1.1 port 2000
application
service queue flash:app-b-acd-2.1.0.0.tcl
param number-of-hunt-grps 2
param aa-hunt2 1111
param aa-hunt3 1222
param queue-len 15
param queue-manager-debugs 1
service aa flash:app-b-acd-aa-2.1.0.0.tcl
paramspace english index 1
paramspace english language en
paramspace english location flash:
param service-name queue
param handoff-string aa
param aa-pilot 8005550123
param welcome-prompt _bacd_welcome.au
param number-of-hunt-grps 2
param dial-by-extension-option 1
param second-greeting-time 60
param call-retry-timer 15
param max-time-call-retry 700
param max-time-vm-retry 2
param voice-mail 5003
dial-peer voice 222 voip
service aa
destination-pattern 8005550123
session target ipv4:192.168.1.1
incoming called-number 8005550123
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
Thanks & Regards,
Mudit Mathur

DSP hardware in Cisco 2911?

I have a Cisco 2911 router that needs to do T1 PRI with 32 voice DSPs.
I think I need UC license and VWIC3-1MFT-T1/E1=. I don't see any onboard DSP in "show inv" or "show diag" so is it correct I need to purchase a PVDM2-32? Should this be installed onboard or does this require a NM-HDV2 to house it?

Hi,
You need one PVDM3-32. You don't need NM.
Regards,
- Adrian.

Can't establish a Voice gateway (cisco 2911) using SIP with CUCM 9.1

I have configured a Cisco 2911 as a Voice Gateway using SIP (the configuration is attached), but unfortunately can't establish a test call to a phone (CUPC 8.6 SCCP) using csim start. I have done logging the ccsip debug and ccapi debug and attached them. Could anyone help me to solve this problem?

I just did some research on my end and csim is not supported for SIP. The Invite will never be created and sent to the CUCM to initate the call. It disconnects in the router itself with normal cause.
*Apr 18 08:58:48.086: //40/7D08458F8077/SIP/Error/sipSPIOutgoingCallSDP:
Could not create source SDP for Outgoing Call
*Apr 18 08:58:48.086: //40/7D08458F8077/SIP/Error/sipSPICreateOutboundSDP:
Error in creating an SDP for the outbound call - Check for supported codecs
*Apr 18 08:58:48.086: //40/7D08458F8077/SIP/Error/preprocessSetup:
Error during outbound SDP creation
*Apr 18 08:58:48.086: //40/7D08458F8077/SIP/Info/sipSPIInitiateDisconnect: Initiate call disconnect(16) for outgoing call
Please use an actual call to test your dial-peer and integration with call manager. csim will not work.
Hantale
Sree

Hardware Needed for Cisco 2911 as a console server

Hi,
We need to setup Cisco 2911 router as a console server for OOB (Out of band) connectivity to console of each DC device (upto 20 devices) Could someone please respond to the following questions we had:
1. What interface module can we install on the 2911 ISR for this purpose?
2. What cable (part number please) will go to the that 2911-ISR interface slot and then we can connect the consoel ports of out network devices to that cable.
It needs to be something similar to the cisco octal cable which I know we used for Cisco 2500 series for console purposes to other devices. But not sure about Cisco 2911.
I would highly appreciate your information and help.
Thanks
Lovleen

You would need an interface providing asynchronous serial ports. Something like the HWIC-8A or the HWIC-16A. Needing 20 ports you will most likely use one of each type (having then 24 ports).
The cable to connect to the HWIC is the CAB-HD8-ASYNC. If you attach routers and switches console ports directly to the RJ45 plugs everything is fine. If you have other types of serial ports to serve (DB-9 or DB-25) then you need the according adapters. I don't know if they have product numbers...
Or to have it all on one single PDF follow this link
BR
Björn

IP SLA Monitor on Cisco 2911

Dear all,
I have a cisco 2911 router that is located in my head office LAN and I use this router to connect to my branch networks. I want to configure IP SLA Monitor on this router to track my WAN Links but it does not support the command IP SLA Monitor. My IOS VERSION is c2900-universalk9-mz.SPA.151-2.T1.bin. Please help tell me how I can configure IP SLA on my router.
Any assistance will be highly appreciated.

The Data Technology Package License part number SL-29-DATA-K9 was changed to the AppX Technology Package License that includes DATA and WAAS features with part number SL-29-APP-K9.
SL-29-APP-K9 (AppX License for Cisco 2900 Series) - USD 1,000.00
Please check the Change in Product Part Number Announcement for the Cisco 2900 Series Integrated Services Routers Data Technology Package Licenses link below for your reference(s):
http://www.cisco.com/c/en/us/products/collateral/routers/2900-series-integrated-services-routers-isr/eos-eol-notice-c51-730946.html

Cisco 2911 stops responding after a period of time

I have a Cisco 2911 router with 4 T1 connections. Two are set as a multilink and the other two are for two other locations. The router will run fine, but after a month I cannot ping the gigabit ethernet 0/0 interface. I would have to manually reboot the router to get it to respond again. Before I noticed a lot of interface discards which would shutdown the 2911 and a manual reboot would be needed, but for this time it isn't the case. Where would I start with this the memory and cpu usage are fine.
Here is the config:
Current configuration : 2905 bytes
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname 2911
boot-start-marker
boot-end-marker
card type t1 0 0
card type t1 0 1
no aaa new-model
clock timezone gmt -5
clock summer-time cdt recurring
no network-clock-participate wic 0
no network-clock-participate wic 1
no ipv6 cef
ip source-route
ip cef
multilink bundle-name authenticated
license udi pid CISCO2911/K9 sn FTX1513ALLS
controller T1 0/0/0 -- Multilink
cablelength long 0db
channel-group 0 timeslots 1-24
controller T1 0/0/1 -- Multilink
clock source internal
cablelength long 0db
channel-group 0 timeslots 1-24
controller T1 0/1/0
clock source internal
cablelength long 0db
channel-group 3 timeslots 1-24
controller T1 0/1/1
clock source internal
cablelength long 0db
channel-group 2 timeslots 1-24
buffers middle permanent 200
buffers middle max-free 230
buffers middle min-free 50
buffers big permanent 75
buffers big max-free 200
buffers big min-free 15
buffers verybig permanent 20
buffers verybig max-free 20
buffers tune automatic
interface Multilink1
ip address 192.168.200.1 255.255.255.252
ip flow ingress
ip flow egress
load-interval 30
ppp multilink
ppp multilink group 1
ppp multilink fragment disable
no cdp enable
hold-queue 4000 out
interface GigabitEthernet0/0
ip address 10.10.99.1 255.255.255.0
ip flow ingress
ip flow egress
duplex auto
speed auto
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface Serial0/0/0:0
no ip address
encapsulation ppp
ppp multilink
ppp multilink group 1
no fair-queue
hold-queue 40 out
interface Serial0/0/1:0
no ip address
encapsulation ppp
ppp multilink
ppp multilink group 1
no fair-queue
hold-queue 40 out
interface Serial0/1/0:3
ip address 192.168.1.2 255.255.255.0
ip flow ingress
ip flow egress
load-interval 60
no fair-queue
hold-queue 4000 out
interface Serial0/1/1:2
ip address 192.168.8.2 255.255.255.0
ip flow ingress
ip flow egress
load-interval 30
no fair-queue
hold-queue 4000 out
ip forward-protocol nd
no ip http server
no ip http secure-server
ip flow-cache timeout active 1
ip flow-export source GigabitEthernet0/0
ip flow-export version 5
ip flow-export destination 10.10.14.49 2055
ip route 0.0.0.0 0.0.0.0 10.10.99.10
ip route 10.10.17.0 255.255.255.0 192.168.1.1
ip route 10.10.25.0 255.255.255.0 192.168.8.1
ip route 10.10.94.0 255.255.254.0 192.168.200.2
snmp-server community ipBalance RO
snmp-server community SolarWinds RO
control-plane
line con 0
logging synchronous
line aux 0
line vty 0 4
session-timeout 60
privilege level 15
password 7
logging synchronous
login
transport input telnet
scheduler allocate 20000 1000
end

Kishore,
I just hard coded the gigabit 0/0 to 1000 full duplex. The interface errors were occuring on the serial interfaces due to someone doing videoconferencing and trying to use more than 1.5Mbps over the T1. Once they throttled down the video conferencing equipment, the errors seemed to go away.
IOS is
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.0(1)M4, RELEASE SOFTWARE (fc1)
For syslogs I enabled:
logging trap notifications
logging IP of syslog server
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone year

Cisco 2911/K9 Block P2P / Torrent

Similar Messages

Maybe you are looking for