How to block Hotspot Shield VPN

kitty · ‎03-31-2017

Hi all,

We are using the Fortigate 800C and I want to block traffic the Hotspot Shield VPN, is there anyone else who can help me?

Thanks a lot.

hmtay_FTNT · ‎03-31-2017

Hi kitty,

Please use the Application Control signature "Hotspot.Shield" to block the VPN. You will need to set the following signatures to Block too: "ISAKMP", "PPTP" and "L2TP". They are used on the iOS app to connect to the servers. Hotspot Shield VPN is one of the most evasive VPN, be sure to update your IPS Definition whenever a new one is available.

HoMing

kitty · ‎03-31-2017

Hi HoMing,If I block the two signatures: PPTP and L2PT anh then the VPN site to site is also be blocked? Thanks for your support

hmtay_FTNT · ‎04-01-2017

Yes, if the outgoing PPTP and L2TP connection for your VPN site to site comes from the same firewall policy with those signature set to block, they will be blocked.

There are ways you can get around this - like creating groups to specify which addresses gets exempted from the signatures.

kitty · ‎04-01-2017

I am very grateful to you, when you replied the first posts I had a fresh idea to solve this case.

Thank you so much. See you soon

hmtay_FTNT · ‎04-01-2017

You are welcome. Please let us know if you run into any issues. You can get to us here or PM me or open a support ticket with the TAC.

HoMing

How to block Hotspot Shield VPN

Nominate a Forum Post for Knowledge Article Creation