Blocking VPN sites
Is there a way to block VPN sites that only go by an IP address? There are some VPN clients that make HTTP or HTTPS connections to VPN servers that only go by IP address. With this, the Firewalla is failing to block these connections. Is there an easy way to write a rule that if there is any HTTPS or HTTP connection that is open for too long and has a lot of bandwidth usage, block it? Another approach would be to block any HTTP/HTTPS connection to a server that doesn't have a valid DNS record.
The idea is good; this belongs to active VPN detection, which we probably can do if people care about it.
One thing you can do very easily is tap on the top graph (on the main screen) and sort by download; usually, you can find the VPN connection that way. (Sort the network flows by either upload or download.)
VPN is fairly tricky since, by nature, it tries to hide. A standard port like 1194 is very useful. And if the port can't be identified, you can examine the network flows; usually, if you sort them by upload or download, they come out on top.
(Somewhat like this: https://help.firewalla.com/hc/en-us/articles/360050863873-How-to-block-an-application-using-Firewalla-Network-Flows-)
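
The heuristic proposed in the question, combined with the flow sorting and port check from the reply, as an added example that is not part of the original thread and is not Firewalla code. The `Flow` record, the thresholds, and the set of IPs seen in DNS answers are assumptions, and the sample flows are constructed.

```python
from dataclasses import dataclass

# Assumed thresholds; tune them to your own network.
MIN_DURATION_S = 30 * 60          # "open for too long"
MIN_BYTES = 200 * 1024 * 1024     # "a lot of bandwidth usage"
WEB_PORTS = {80, 443}
KNOWN_VPN_PORTS = {1194}          # the standard port mentioned in the reply

@dataclass
class Flow:                       # hypothetical flow record, not a Firewalla type
    device: str
    dst_ip: str
    dst_port: int
    duration_s: int
    bytes_up: int
    bytes_down: int

    @property
    def total(self):
        return self.bytes_up + self.bytes_down

def suspect_vpn_flows(flows, resolved_ips):
    # resolved_ips: IPs that appeared in DNS answers seen on the network,
    # i.e. destinations a client reached by name rather than by bare IP.
    hits = []
    # Largest transfer first, mirroring "sort by upload or download".
    for f in sorted(flows, key=lambda f: f.total, reverse=True):
        reasons = []
        if f.dst_port in KNOWN_VPN_PORTS:
            reasons.append("known VPN port")
        if f.dst_port in WEB_PORTS and f.dst_ip not in resolved_ips:
            if f.duration_s >= MIN_DURATION_S and f.total >= MIN_BYTES:
                reasons.append("long, heavy web flow to bare IP")
        if reasons:
            hits.append((f, reasons))
    return hits

# Constructed sample data (documentation-range addresses).
RESOLVED = {"198.51.100.10"}
FLOWS = [
    Flow("laptop", "198.51.100.10", 443, 7200, 50_000_000, 900_000_000),  # resolved by name
    Flow("laptop", "203.0.113.77", 443, 5400, 300_000_000, 600_000_000),  # bare IP, long, heavy
    Flow("phone", "203.0.113.5", 443, 20, 4_000, 90_000),                 # bare IP, short
    Flow("tablet", "192.0.2.44", 1194, 600, 1_000_000, 8_000_000),        # standard VPN port
]

if __name__ == "__main__":
    for flow, reasons in suspect_vpn_flows(FLOWS, RESOLVED):
        print(flow.device, flow.dst_ip, flow.dst_port, flow.total, reasons)
```

Flagged flows are candidates for review before a block rule is written; a large download from a service reached by hard-coded IP will match the same pattern.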