Blocking of VPNs
We have an issue that Sonicwall cant resolve, due to recent political unrest in our country, the government blocked social media, but the population at large soon discovered VPN's and loaded them all-round to bypass the restriction. Problem is our NSA6600 with App Control and DPI-SSL enabled is not blocking these apps (Phison, Lantern, Nord, Opera, Auro, etc). We have an open case now for over a month with no progress. We are feeling very vulnerable with these unrestricted tunnels into our LAN. Out of desperation i have joined the community to see if there might be a solution out there - surely we cant be the only ones with an issue like this...
DPI-SSL requires the installation of a certificate on client devices, otherwise it won't work.
Have you read this thread? https://community.sonicwall.com/technology-and-support/discussion/comment/7716
Thanks. We have applied the certificates, still does not work, hence the silence from support...
Hey @Norbert, I'm sorry to hear about this inconvenience. When you mention "support" do you have an existing case opened? If so can you send that over so we can take a look?
@micah - SonicWall's Self-Service Sr. Manager
You have a touchy situation, and I am all for freedom of information. From a technical standpoint have you tried utilizing other features of the device such as content filtering, GEO-IP filtering, or even just blocking ports on the firewall? Most VPN services use a combination of TCP 443, TCP 1194 and/or UDP 1194 (and possibly others). You could easily start by blocking outgoing traffic destined for ports TCP and UDP 1194....