Products Firewalla Gold Firewalla Gold Plus Firewalla Purple Firewalla Purple SE Firewalla Blue Plus Firewalla Wi-Fi SD Product Comparison Product Reviews

Blocking VPN sites

Follow
Avatar
Siva Alagarsamy

Is there a way to block VPN sites that only go by an IP address. There are some VPN clients that makes HTTP or HTTPS connections to VPN servers that only go by IP address. With this, the Firewalla is failing to block these connections. Is there a easy way to write a rule that if there is any HTTPS or HTTP connection that is open for too long and has lot of bandwidth usage, block it?  Another approach will be to block any HTTP/HTTPS connection to server that doesn't has a valid DNS record. 

0

Comments

5 comments

Sort by Date Votes
  • Avatar
    Firewalla

    The idea is good, this belongs to active VPN detection, which we probably can do if people care about it.  

    One thing you can do very easily is tap on the top graph (on the main screen) sort by download and usually, you can find VPN connection that way. (either sort the network flows by upload or download)

    0
    Comment actions Permalink
  • Avatar
    Siva Alagarsamy

    Having a feature to detect active VPN connection will be very useful for me. I mainly bought firewall to block gaming and social media websites and with the VPN connections, all firewall rules that I put in are bypassed and it is not doing any good.  

    Thanks

     

    1
    Comment actions Permalink
  • Avatar
    atif.ahmad
    • Edited

    This feature would be awesome. Would love to have it. Solves many issues. . 

    0
    Comment actions Permalink
  • Avatar
    Firewalla
    • Edited

    VPN is fairly tricky since, by nature, it tries to hide. The standard port like 1194 is very useful. And if the port can't be identified, you can examine the network flows, usually, if you sort them by upload or download, they come on the top. 

    (some what like this https://help.firewalla.com/hc/en-us/articles/360050863873-How-to-block-an-application-using-Firewalla-Network-Flows-)

     

    0
    Comment actions Permalink
  • Avatar
    Dave Johnson

    Looks like this is a BETA feature - that is awesome. Can it be set up to alert when someone attempts to use a private VPN tunnel, or does it just get logged?

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post