cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

820
Views
5
Helpful
3
Replies
dporod
Beginner

Block incoming traffic from known VPN providers

Hi all, is there a way to block incoming traffic from known VPN providers? I see that URL filtering has a Proxy avoid and Anonymizers category that I could use in an ACP rule, but would that work for incoming traffic?

3 REPLIES 3
Mohammed al Baqari
VIP Advisor

In ACP, you can create a policy to match VPN apps. This will be better than URL filtering unless the VPN software of your interest isn't listed in the apps. It will take couple of packets before identifying appID and blocking the connection. 

 

Both URL filtering and application filtering work for both inbound and outbound connections. 

 

***** please remember to rate useful posts

Hi, thanks for the reply. I don't understand how the application filtering would apply. Wouldn't the traffic between the VPN provider and the FTD look like "normal" traffic with no VPN application involved?

 

 

AppID uses signatures to detect this traffic. They look for CNs in cert
names, handshakes, traffic patterns etc
Create
Recognize Your Peers
Content for Community-Ad