cancel
Showing results for 
Search instead for 
Did you mean: 

Blocking outbound VPN traffic

sheldon_lefkowi
New Contributor III
We are a school with some pretty smart students! A few are trying out using a VPN to bypass our firewall content filtering system. I'd like to block that connection attempt at the access point. My thinking is to deny traffic using an Application Port policy tied to 1723. Has anyone done so successfully? 

Thanks...
2 REPLIES 2

robert_lowe_722
Contributor III
cant see any reason why this wouldn't work using application denial policy.

john_d
Valued Contributor II
If your students are truly sophisticated, you may need a more advanced deep packet inspection firewall, or a traffic shaper that's capable of throttling down long-lasting connections to oblivion....

Modern VPN technology often is based off SSL VPN which looks almost identical to HTTPS traffic and can even be operated on port 443.