I am trying to block GotoMyPC traffic using a Cisco ASA 5505.
On gotomypc.com they say you can block all traffic to poll.gotomypc.com to stop all access.
What I have done is create a network group that contains the objects that reference the IPs for gotomypc.com and poll.gotomypc.com (with poll.gotomypc.com being a host name/A record the IP could change - is there a way to reference the host name with the ASA instead of an IP?)
I set outside access rules from the source gotomypcgroup and blocked all traffic trying the following services: IP, TCP, UDP. However, I am still able to connect using gotomypc.
If I create an inside rule it automatically creates a rule to block all traffic from any - any that I cannot edit, stopping all network traffic.
I used our DNS proxy to block all traffic to poll.gotomypc.com and gotomypc.com, but I cannot get the traffic blocked from the ASA itself. I also know the ASA has regexes for gotomypc but I am unsure how to use them.
Trying to figure out what I am doing wrong.
Thanks.
When you create your first explicit rule on an interface, the implicit rule for the interface changes from "allow all traffic bound for a lower-security interface" to "deny any".
Assuming that your inside interface is your highest security interface, all you need to do to get back to your firewall's current behavior is add an "allow ip any any" under your "deny gotomypc" rule.
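
The rule order described in the answer above, written out as ASA CLI. This is an added example, not part of the original thread. The group name, ACL name, inside host and the 192.0.2.x addresses are constructed placeholders (the thread gives no IPs), and in the CLI an allow rule is written `permit`.

```cisco
! Constructed placeholder addresses: replace with the IPs that
! gotomypc.com and poll.gotomypc.com currently resolve to.
object-group network GOTOMYPC
 network-object host 192.0.2.10
 network-object host 192.0.2.11
!
! ACL entries are evaluated top-down and the first match wins.
! 1) Drop outbound traffic from inside hosts to the GoToMyPC group.
access-list inside_access_in remark Block GoToMyPC broker hosts
access-list inside_access_in extended deny ip any object-group GOTOMYPC
!
! 2) Explicitly allow everything else. Without this line the
!    implicit "deny any" at the end of the ACL drops all other
!    traffic from the inside network.
access-list inside_access_in remark Restore default outbound behaviour
access-list inside_access_in extended permit ip any any
!
! Bind the ACL to traffic entering the inside interface
! (i.e. traffic from internal hosts heading outbound).
access-group inside_access_in in interface inside
!
! Verify: the deny line should match first for a blocked host,
! and hit counters should increment on the expected entries.
! 192.168.1.10 is a constructed inside host address.
packet-tracer input inside tcp 192.168.1.10 12345 192.0.2.10 443
show access-list inside_access_in
```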