Skip to main content

Tue, May 3, 2016 4:20 PM

Blocking outbound VPN traffic

We are a school with some pretty smart students! A few are trying out using a VPN to bypass our firewall content filtering system. I'd like to block that connection attempt at the access point. My thinking is to deny traffic using an Application Port policy tied to 1723. Has anyone done so successfully? 



222 Messages


3.6K Points

5 years ago

cant see any reason why this wouldn't work using application denial policy.



556 Messages


10.5K Points

5 years ago

If your students are truly sophisticated, you may need a more advanced deep packet inspection firewall, or a traffic shaper that's capable of throttling down long-lasting connections to oblivion....

Modern VPN technology often is based off SSL VPN which looks almost identical to HTTPS traffic and can even be operated on port 443.