My firewall is blocking all the sessions from nordvpn but it still consumes the data. The attached screenshot is of 24hr activity even my servers are shutdown but it is making sessions with my complete IP Pool.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Could you please share the output for the below-mentioned commands?
config firewall policy
edit <policy id>
sh full
end
To check the policy ID Kindly check the related policy on device GUI(Policy and objects >> Firewall policy/IPv4 policy)
May I know whether do you created any rule or web filter or application control to block it?
Hi Molaw,
in your firewall policy you are allowing "srcaddr all" to access your server.
Where do you exactly try to block NordVPN?
Can you show us this policy?
Best Regards
Domink
NSE 4/5/7
at webfilter level using regex
Created on 05-26-2022 10:33 PM Edited on 05-26-2022 10:35 PM
Ok, but the firewall policy above is for accessing one of your servers from the internet.
If you dont want to have nordvpn users accessing your public servers, the webfilter is the wrong tool.
You could place a policy which contains the internet service database record "VPN-Anonymizing.VPN.Server" as source before your server access policy.
This could look like one of my policys:
If one ip from one of those sources arrives on my fortigate, it will be blocked. This policy should be placed at top of your ruleset, if possible.
Best Regards
Dominik
NSE 4/5/7
where can i make this policy?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.