USG40

Hello everyone... i have usg40 and i want to block all vpn applications like psiphon...how to do this
«1

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 959  Zyxel Employee
    Hi @joudeh1996,
    Welcome to Zyxel community. :) You can block VPN service by App patrol.
    1) Go to CONFIGURATION >  UTM profile > App patrol, and select "Bypass_Proxies_and_Tunnels service" to create app profile.

    2) Apply app profile to security policy at CONFIGURATION  > Security Policy > LAN_Outgoing.

  • mMontana
    mMontana Posts: 768  Guru Member
    App patrol is a yearly payed service?
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 959  Zyxel Employee
    Yep, it's yearly payed license service.
  • joudeh1996
    joudeh1996 Posts: 8
    After doing all the suggested steps
    PSIPHON  is still working
    Any suggestions?
  • PeterUK
    PeterUK Posts: 1,403  Guru Member
    Did you select all?
    is service status active? 
     
  • joudeh1996
    joudeh1996 Posts: 8
    yes i do
    Psiphon still working

  • I have the same problem (PSIPHON  is still working)
     Please help


  • PeterUK
    PeterUK Posts: 1,403  Guru Member

    So I decided to activate my Trial on Zywall 110 (updated the Signature) to block this Psiphon and even with only ports 80,443,53 to block this it was allowed. Now this is not surprising to me you can bypass anything to look like normal traffic.

    So what are your options...well you could block the IP of the servers which will take time to do and thats if they don't change over time.


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 959  Zyxel Employee
    edited August 3
    Hi @joudeh1996,
    We would like to conduct a lab test.
    Did you test on Mobile version(IOS/Android) or Windows Desktop version?
  • joudeh1996
    joudeh1996 Posts: 8
    How to update my signature?

Security Highlight