Blocking outbound VPN traffic

  • 1
  • Question
  • Updated 4 years ago
We are a school with some pretty smart students! A few are trying out using a VPN to bypass our firewall content filtering system. I'd like to block that connection attempt at the access point. My thinking is to deny traffic using an Application Port policy tied to 1723. Has anyone done so successfully? 

Photo of Sheldon Lefkowitz

Sheldon Lefkowitz

  • 16 Posts
  • 3 Reply Likes

Posted 4 years ago

  • 1
Photo of Robert Lowe

Robert Lowe

  • 225 Posts
  • 53 Reply Likes
cant see any reason why this wouldn't work using application denial policy.
Photo of John D

John D, AlphaDog

  • 599 Posts
  • 188 Reply Likes
If your students are truly sophisticated, you may need a more advanced deep packet inspection firewall, or a traffic shaper that's capable of throttling down long-lasting connections to oblivion....

Modern VPN technology often is based off SSL VPN which looks almost identical to HTTPS traffic and can even be operated on port 443.