Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JJM
New Contributor

To Block psiphon vpn application at Fortigate 2500E and 101F

Dear all,

Let me ask some helps from you all, i'm facing some case that i'm trying to block vpn application at our fortigate firewall, cloudflare and psiphon vpn apps:. It does not work using p2p and proxy to deny these apps:. Cloudflare is ok to deny by blocking cloudflare used ip address and ports. But, psiphon is not ok to block by choosing psiphon at application. 

 

JJM_0-1657463848542.png

 

 

Anyone have ever been? or could you pls anyone help that problem to solve?  Thanks much!

1 Solution
Yurisk
Valued Contributor

Try to find this specific application by name, not as part of some category, seems like Fortiguard have a signature for this app: https://www.fortiguard.com/appcontrol/32642

 

Pay attention to the notes - you have to block QUIC protocol altogether, and to reach 100% identification use SSL Deep inspection as well.

 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.

View solution in original post

3 REPLIES 3
Yurisk
Valued Contributor

Try to find this specific application by name, not as part of some category, seems like Fortiguard have a signature for this app: https://www.fortiguard.com/appcontrol/32642

 

Pay attention to the notes - you have to block QUIC protocol altogether, and to reach 100% identification use SSL Deep inspection as well.

 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.
echacon
New Contributor

It is not work that you say!!

echacon
New Contributor

even with SSL Deep inspection!!