Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bioenable
New Contributor

How to Block Proton VPN through Fortigate Firewall 60e

I am trying to block some custom VPN's like Proton VPN in security and profile ---> application control section 

I am trying from the past few weeks but can't get any resolution plz anyone help me.

 

8 REPLIES 8
AlexC-FTNT
Staff
Staff

Application Control works efficiently only with deep-inspection ssl-ssh profile and proxy-mode policy. Can you confirm these two condiitons are met?
In the application control profile - do you have the "Proxy" category set to block? 


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
bioenable

In the application control profile - do you have the "Proxy" category set to block? 

 -- Yes I have set proxy section block and in ipv4 policy added deep-inspection ssl-ssh profile and proxy-mode policy

 

bioenable

@AlexC-FTNT  

 

my question was how to block custom VPN, in my case I am using proton VPN, the listed proxy in FortiGate work's but how do I add any random VPN through application control

AlexC-FTNT

Yes, you are correct, and my advice may not be the best.

Not all VPNs are Proxy software. 

 

You can use the following custom application control signature and the official application control signature "ISAKMP" and "OpenVPN" for Proton VPN.

F-SBID( --protocol tcp; --service SSL; --pattern "protonvpn."; --context host; --no_case; --app_cat 6; --weight 10; )


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
bioenable

Thank you for giving me more exposure over this 

can you please share the same Application signature syntax for ISKAMP, Openvpn, Turbovpn 

 

 

AlexC-FTNT

These application signatures are available in the Application control pack:

AlexCFTNT_0-1645107141841.pngAlexCFTNT_1-1645107154973.pngAlexCFTNT_2-1645107191541.png

 


- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
fiesta
New Contributor III

Hi,

Does the user succesfully established?
May not be related, but I happen to successfully blocked turboVPN after block ISAKMP in appcontrol.

FWD~
FWD~
AdrianR
New Contributor III

Hi, in my case I also had to block ESP.UDP, after blocking ISAKMP I saw it was trying to establish connections with ESP.UDP.

Labels
Top Kudoed Authors