Rules to drop DNS bypass, VPN, TeamViewer

Hello,

With which rule can I avoid:

DNS bypass on usgflex50w?

How to avoid the use of VPNs of the following types?
 . OpenVPN
 . WireGuard

How to avoid using TeamViewer?

Thanks for your suggestions

All Replies

  • PeterUK
    PeterUK Posts: 2,876  Guru Member

    Maybe look at it the other way if you can: instead of blocking, only allow access to given URLs and ports and block everything else?

    VPN can be hard to block when using port 443.

    You can use App Patrol to select Tunnelling & Thin Client and drop all.


  • mMontana
    mMontana Posts: 1,342  Guru Member
    PeterUK said:

    VPN can be hard to block when using port 443.


    May I disagree? It's impossible (without whitelisting the allowed URLs/IPs) to block VPNs on port 443.
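
The point made in the two replies above, worked through as an added example (not code from the thread or from Zyxel): the same outbound flows judged by a port blocklist and by an allowlist with default drop. The flows, addresses and rule sets are constructed, and the ports 1194 and 51820 are the commonly used OpenVPN and WireGuard ports, assumed here rather than taken from the thread.

```python
from ipaddress import ip_address, ip_network

# Constructed outbound flows (documentation address ranges), not real logs.
# Fields: label, protocol, destination IP, destination port.
FLOWS = [
    ("web browsing to approved site", "tcp", "198.51.100.10", 443),
    ("OpenVPN on its default port", "udp", "203.0.113.5", 1194),
    ("WireGuard on its usual port", "udp", "203.0.113.6", 51820),
    ("VPN tunnelled over tcp/443", "tcp", "203.0.113.7", 443),
    ("DNS sent to an outside resolver", "udp", "203.0.113.53", 53),
    ("DNS sent to the firewall", "udp", "192.168.1.1", 53),
]

# Blocklist policy (assumed rule set): drop known VPN ports, allow the rest.
BLOCKED_PORTS = {("udp", 1194), ("tcp", 1194), ("udp", 51820)}

# Allowlist policy (assumed rule set): permit only listed
# (protocol, destination network, port) tuples and drop everything else.
ALLOWED = [
    ("tcp", ip_network("198.51.100.0/24"), 443),  # approved web servers
    ("udp", ip_network("192.168.1.1/32"), 53),    # the only permitted resolver
]

def blocklist_verdict(proto, dst, port):
    """Default allow: only the listed protocol/port pairs are dropped."""
    return "drop" if (proto, port) in BLOCKED_PORTS else "allow"

def allowlist_verdict(proto, dst, port):
    """Default drop: a flow passes only if it matches an allowed tuple."""
    addr = ip_address(dst)
    for a_proto, net, a_port in ALLOWED:
        if proto == a_proto and port == a_port and addr in net:
            return "allow"
    return "drop"

def compare(flows=FLOWS):
    """Return {label: (blocklist verdict, allowlist verdict)}."""
    return {label: (blocklist_verdict(p, d, port), allowlist_verdict(p, d, port))
            for label, p, d, port in flows}

if __name__ == "__main__":
    for label, (bl, al) in compare().items():
        print(f"{label:34} blocklist={bl:5} allowlist={al}")
```

The blocklist passes both the tunnel on tcp/443 and the DNS query to an outside resolver, while the allowlist drops them because their destinations are not listed.
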
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,315  Zyxel Employee
    Hi @jyjoe,
    You can use DNS Content Filter to block TeamViewer. Go to Security Service > Content Filter > DNS Content Filter > General and click "Add" to create a new profile. In the profile, select "Remote Access" and click "OK".

    You can also add your own block list. Then apply the profile to a security policy rule from LAN1/LAN2 to Any and from LAN1/LAN2 to ZyWALL.





  • Zyxel_Emily
    Zyxel_Emily Posts: 1,315  Zyxel Employee
    Hi @jyjoe,
    To block OpenVPN and WireGuard, we suggest you use App Patrol to block VPN. In App Patrol, create a new profile and select "OpenVPN" and "Wireguard". Then apply the profile to a security policy rule (outgoing rule). You can consider USG FLEX 100 or ATP100. Both models support App Patrol.
