Has anyone had any luck blocking Hot Spot Shield VPN?

We have an NSA 4700 HA Pair with DPI-SSL and App Control enabled, with HotSpotShield VPN set to block and log on the wireless network our students use. I have blocked SIDs 5 and 7, and I have blocked UDP and TCP ports 895, 1194, 8245, and 8040 through 8045. I have a test laptop on this network and am still able to run HotSpot Shield. Running a packet capture shows various addresses, including Amazon Web Services, which I am unable to block. Research showed that this particular VPN uses a Hydra protocol which is unavailable in App Control to block. Does anyone have any advice on anything else I might try on the firewall in order to block this?
Answers
Allowing everything and then blocking ports ad hoc is going to take you a long time to crack this if the application can just use any old port(s) it wants [only another 65500 ports to try :D].
I suggest you run this on your machine and use the Connection Monitor tool in the SonicWall to look at what ports it's using.
You may find that the only way of blocking it is allowing only 80/443 out to the internet and hoping that the SonicWall can catch it.
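
The port survey suggested in the answer can be scripted over exported connection records, as in this added example (not part of the original thread and not SonicWall tooling). The CSV layout, the addresses and the test-laptop IP are constructed for illustration; the script shows which flows an allow-only-80/443 egress policy would drop and which would still have to be caught by DPI-SSL/App Control.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in a hypothetical CSV layout (not a SonicWall export format).
SAMPLE = """src_ip,dst_ip,proto,dst_port,bytes
10.20.0.55,198.51.100.10,tcp,443,48211
10.20.0.55,198.51.100.10,tcp,443,1200
10.20.0.55,203.0.113.7,udp,8041,900
10.20.0.55,203.0.113.9,udp,40123,15000
10.20.0.55,192.0.2.33,tcp,80,640
10.20.0.60,192.0.2.33,tcp,443,300
"""

# The allow-only-80/443 egress policy described in the answer.
ALLOWED = {("tcp", 80), ("tcp", 443)}


def survey(csv_text, host):
    """Group one host's outbound flows by (proto, port) with byte totals and destinations."""
    stats = defaultdict(lambda: {"bytes": 0, "dsts": set()})
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["src_ip"] != host:
            continue  # only the test laptop is of interest
        key = (row["proto"].lower(), int(row["dst_port"]))
        stats[key]["bytes"] += int(row["bytes"])
        stats[key]["dsts"].add(row["dst_ip"])
    return dict(stats)


def split_by_policy(stats, allowed=ALLOWED):
    """Return (dropped, passed): sorted (proto, port) keys outside and inside the allowlist."""
    dropped = sorted(k for k in stats if k not in allowed)
    passed = sorted(k for k in stats if k in allowed)
    return dropped, passed


if __name__ == "__main__":
    stats = survey(SAMPLE, "10.20.0.55")
    dropped, passed = split_by_policy(stats)
    groups = (("default-deny would drop", dropped),
              ("still relies on DPI-SSL/App Control", passed))
    for label, keys in groups:
        for proto, port in keys:
            s = stats[(proto, port)]
            print(f"{label}: {proto}/{port} {s['bytes']} bytes -> {sorted(s['dsts'])}")
```

Flows that remain on 80/443 are the ones port rules cannot distinguish from ordinary web traffic, so those destinations are the ones to review in the firewall's logs.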