Block Google Talk on a Cisco ASA 5505

Posted on 2010-09-10
Last Modified: 2012-05-10
I need to block users from being able to use Google Talk, but still have access to Gmail using the ASDM java web interface
Question by:ctechsol
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 33651836
the easiest way is to add records to your DNS server (if you have one) to both and, returning

otherwise you can firewall access to the google talk servers, but the actual addresses might change. I found this page that lists all the stuff you need to block access to:
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 33652049

Accepted Solution

lacrewga earned 50 total points
ID: 33652101
Google Talk uses Port 80, Port 443 and Port 5223 other than Port 5222 for its communication purposes. Google Talk connects to, and other than It connects to Ports 5222, 5223, 443 and 80 in all the cases.

Blocking all these 4 addresses blocks Google Talk at both Browser and Talk Client. Note: This does not disable Google mail.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 57

Expert Comment

by:Pete Long
ID: 33656111
Here you go

object-group network Google-Talk-Servers
 network-object host
 network-object host
 network-object host
 network-object host
object-group service Google-Talk-Ports tcp
 port-object eq 5222
 port-object eq 5223
 port-object eq https
access-list outbound line 1 deny tcp any object-group Google-Talk-Servers object-group Google-Talk-Ports

where "outbound" id the name of your outbound access-list - if you do not have an outbound access list you will also need to add

access-group outbound in interface inside

LVL 57

Expert Comment

by:Pete Long
ID: 33658136
In fact This aroused my interest that much I wrote it up


Expert Comment

ID: 33668746
ASDM GUI gives you the ability to block the aforementioned ip addresses. If you need specific help, post back.

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question