Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
383
Views
0
Helpful
1
Replies

blocking openvpn

Addey Salameh
Level 1
Level 1

‎06-02-2015 01:24 PM - edited ‎03-08-2019 12:19 AM

hello guys
 

I've blocked some sites on my network and everything went really fine using access-lists 
but recently i found that some users are using  some openvpn services to access these sites such as tor and hotspot shield 

so is there any technics that i can use to block such things like blocking the ports that these apps using or anything that can help me 
 

any advices guys 
i'll be thankful 

Labels:
0 Helpful
1 Reply 1

devils_advocate
Level 7
Level 7

‎06-03-2015 01:37 AM

Blocking using ACL's always has its limitations and the more you want to block, the longer and more unmanageable the lists tend to become. 

You will find that lots of things use different ports to try and avoid detection so blocking by destination port is good to a point but simply cannot block everything. 

I would look at getting something which is good at application level blocking.

We use PA-200 units in our branch offices and they work great, the GUI makes it much easier to manage. They are the baby of the PA appliances so definitely not Data Centre grade but you can spend more and get beefier units. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card