Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Kiwi
New Contributor

How to block Teamviewer Incoming request only (One-way)

Hello

How to block Teamviewer Incoming request from Branch ([style="background-color: #ffff99;"]One-way only[/style]), so that Head Office user can still connect to remote Branch ?

TeamViewer consist of 3 signatures:

- Teamviewer Application

- Teamviewer CallReceive

- Teamviewer CallRequest

 

I created a policy Incoming: WAN, Outgoing: Internal LANs and Blocked "Teamviewer CallReceive" Only, it does not block !

I created a policy Incoming: WAN, Outgoing: Internal LANs and Blocked the above 3 signatures , it does not block !

 

Thanks

2 REPLIES 2
Dave_Hall
Honored Contributor

As I understand it the Teamviewer client installs (if told to) a service on a client device and periodical "calls home", so it makes an outbound connection (e.g. from LAN -> WAN).  This link explains what ports are used by Teamviewer. 

 

And if I understand this, the Teamviewer clients establishes a connect to each other via a server (management connection).  So you may need to rethink your approach to blocking this traffic.

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
Kiwi
New Contributor

Thank you Dave.

I should consider other approach to the One-Way only blocking as you said.

Guys, you input is still appreciated if someone come across similar need or would suggest a hint :)

 

Labels
Top Kudoed Authors