port blocking

  • 1
  • Question
  • Updated 2 weeks ago
  • Answered
K-8 school here trying to block students using VPNs: could be apps or websites, on either Chromebooks or phones.  Our content filter, iBoss, is not good in this area, only offering to block five ports.  I want to block lots more, hoping to catch not all but the majority of ports commonly used by VPNs.  I think ZD can do this in configure>access control.  But which section? L2? L3/4?  "Application Denial Policy"?  See two attached screenshots.
Photo of Brad Wilcox

Brad Wilcox

  • 2 Posts
  • 0 Reply Likes

Posted 4 weeks ago

  • 1
Photo of Craig Burchfiel

Craig Burchfiel

  • 9 Posts
  • 1 Reply Like
VPNs work at the Layer 2 level. 
Photo of Brad Wilcox

Brad Wilcox

  • 2 Posts
  • 0 Reply Likes
Alas, no provision to deal with ports in L2 section.  Plus specifying MAC addresses won't be do-able.
Photo of Max O'Driscoll

Max O'Driscoll, AlphaDog

  • 349 Posts
  • 91 Reply Likes
Network protocol 115 will give you L2TP access control deny/allow possibilities. So use that in protocol number. Other comments in recent email.
(Edited)