
Cisco 7206VXR IOSv12.4[17]

Status
Not open for further replies.

blasfemaz

IS-IT--Management
Joined
Mar 26, 2008
Messages
1
Location
US
Hi,

I work for a company where we have over 3,000 users on our LAN, and we all share a 20Mb internet connection. The internet connection is supposed to be only for work-related usage, but as in every other place, we have those users that install filesharing programs to download or have some kind of bandwidth-hogging virus.

This slows down the internet completely. Every day I have to go into the router and look at the traffic to see what IPs have the most connections open, then I have to track down the MAC of that IP all the way down to the router and port so I can uninstall whatever programs or viruses were hogging all the bandwidth on that machine.

Our network is composed of 3 sites that are miles away, connected through T1 lines. So you can understand how tedious it is when one of the users is not in the site where I am at.

Does anyone know of an easier/faster way of dealing with this? Are there any programs that would read the traffic on my router and automatically show me any IPs with more than xx connections open? And, if it is not asking too much, perhaps automatically show me the router and port where the MAC of that IP is coming from?

The specific router where I do all the commands is:
CISCO 7206 VXR IOS V 12.4[17]

THANKS for any help you can give me.
 
I would just block file sharing altogether via CBAC, using PAM. You should have things like e-donkey and gnutella in the PAM database as it stands with that IOS...just do a sh ip port-map

Burt
 

I'm with Burt: install PDLMs from Cisco.com, which allow NBAR to recognise the BitTorrent traffic, then configure a QoS policy that will drop the traffic automatically.

If your sites are connected via T1, the last thing you want is BitTorrent traffic saturating the links. Classify and drop this traffic as close to the network edge as possible!

HTH


Peter
CCNA, Cisco Qualified Specialist
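
An added example, not posted by anyone in this thread: a sketch of the NBAR classify-and-drop policy described in the post above, applied inbound on a LAN-facing interface so the traffic is discarded before it reaches the T1 or internet links. The class-map and policy-map names, the interface, and the PDLM file name are assumptions to adapt to your router.

```cisco
! NBAR requires CEF to be enabled.
ip cef
!
! Only needed if the running image rejects "match protocol bittorrent":
! copy the PDLM from Cisco.com to flash and load it. The file name below
! is a placeholder, not a real file name.
! ip nbar pdlm flash:<bittorrent-pdlm-file>
!
! One class that matches any of the file-sharing protocols NBAR recognises.
class-map match-any P2P-FILESHARING
 match protocol bittorrent
 match protocol edonkey
 match protocol gnutella
!
! Drop everything in that class; all other traffic falls through to
! class-default and is forwarded untouched.
policy-map DROP-P2P
 class P2P-FILESHARING
  drop
!
! Assumed LAN-facing interface. Applying the policy inbound here drops the
! traffic at the edge, before it can use WAN bandwidth.
interface GigabitEthernet0/1
 ip nbar protocol-discovery
 service-policy input DROP-P2P
!
! Verification (exec mode):
!   show policy-map interface GigabitEthernet0/1
!     per-class packet and drop counters for DROP-P2P
!   show ip nbar protocol-discovery interface GigabitEthernet0/1
!     per-protocol byte and packet counts seen on the interface
```

Repeat the `service-policy` on the LAN-facing interface of each remote-site router so the traffic is dropped before it crosses the T1.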
 

Sorry, Burt's post is slightly different in that he's suggesting using the IOS firewall to drop the traffic...

Peter
CCNA, Cisco Qualified Specialist
 
Either way works great, but CBAC would just be a bit simpler, especially since all the info is in the database already. Just my thoughts, but NBAR is great as well along with policy maps.

Burt
 
Why not install a proxy server and block all of that?

 