FreeVPN app needs to be blocked in a school network

Medo162 · ‎12-12-2021

Hi Team,

I have a FortiGate-200E that I need to have FreeVPN app that can be downloaded from AppStore to be blocked.

I wasn't able to find any logs on FAZ related to the traffic from when the device is trying to connect to a sever and connect to VPN and therefore I submitted a request to Fortinet to create a customized app signature and have applied the below two app signature to the application control security profile and blocked freevpn.org and freevpnapp.org but the devices are still able to connect to Free VPN.

The customized app signature are as below:

F-SBID( --attack_id 9999; --name "FreeVPN.TCP.custom2"; --protocol tcp; --flow from_client; --pattern "|00 24|"; --context packet; --distance 8,packet; --within 2,packet; --pcre "/\wFV-/i"; --context packet; --distance 0; --within 4; --tag TEST,Tag.FreeVPNBlockDP; --app_cat 6; --weight 20; )

F-SBID( --attack_id 9998; --name "FreeVPN.SSL.custom3"; --protocol tcp; --service ssl; --flow from_client; --seq =,1,relative; --pattern "|16 03 01 01 33 01 00 01 2f 03 03|"; --context packet; --within 11,context; --pattern "|00 00 00 0f 00 0d 00 00 0a 67 6f 6f 67 6c 65 2e 63 6f 6d|"; --context packet; --distance 0; --app_cat 6; --weight 20; )

Did you guys have any recommendation on how to go about blocking this application?

Ahmed Al-Rashed

JWJ · ‎12-13-2021

Have you tried to use the "VPN-Anonymizing.VPN.Server" ISDB entry as well as the above signatures you applied?

pavankr5 · ‎07-12-2023

Hello @Medo162

Please check this article on how to block third party VPN
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-third-party-VPN/ta-p/220170#:....

FreeVPN app needs to be blocked in a school network

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website