Home » Posts tagged 'ASA'

Tag Archives: ASA

Cisco ASA pre-shared Key Recovery

Use this at the ASA’s Enable prompt to show the pre-shared VPN keys:

hostname(config)# more system:running-config
...
tunnel-group mytunnel type ipsec-ra
tunnel-group mytunnel general-attributes
 default-group-policy myGROUP
tunnel-group mytunnel ipsec-attributes
 pre-shared-key PASSWORD
...

ASA 5505 to block Internet radio

regueiro writes:
I have blocked Internet radio who use port 80.
You should inspect the port and you can add this commands

regex audio-mpeg "audio/.*"

policy-map type inspect http test_radio
parameters
protocol-violation action drop-connection log
match response header content-type regex audio-mpeg
drop-connection log
match request header user-agent regex _default_windows-media-player-tunnel
drop-connection log

class global-class-test
inspect http test_radio

To help you, use a sniffer and capture radio traffic and see http headers.
It is easy to block streaming from media-player, but for other I check the response header and when I see audio/*   (like audio/*  where * can be mpeg,  x-mpeg,  mpeg3,  and/or x-mepg3 …) I close the connection.

Sorry for my bad english.