good afternoon, we want to block Internet access via vpn.I have added to the pn programs that are in the database, but those that are not in the database have access to the network.How to make all third-party VPN programs automatically blocked from clients?Also disabled in app control :p2p and all vpn apps in filter
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
that is too poor information. But I try an interpretation:
you don't want any software to access the internet coming from a client pc that is connected via vpn. You don't want client internet traffic over the vpn.
Well you could simply use split tunneling so vpn clients will only be able to access he subnets over the vpn that are specified in split tunneling because they will not get any other route via the vpn. Their default route for internet access then remains untouched.
So the client still has its own internet connection and only traffic to the subnets specified in split tunneling will hit the vpn.
THen of course that would require some policies on your FGT Endpoint of that vpn to allow the traffic to flow on.
You need both because routing is the very first thing that is checked on traffic. The route then leads to the policies.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1031 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.