cancel
Showing results for 
Search instead for 
Did you mean: 

port blocking

brad_wilcox_ibp
New Contributor
K-8 school here trying to block students using VPNs: could be apps or websites, on either Chromebooks or phones.  Our content filter, iBoss, is not good in this area, only offering to block five ports.  I want to block lots more, hoping to catch not all but the majority of ports commonly used by VPNs.  I think ZD can do this in configure>access control.  But which section? L2? L3/4?  "Application Denial Policy"?  See two attached screenshots.Image_ images_messages_5f91c3f4135b77e2478f8b15_c5287280e4596ec52c58071c37e5eaaa_RackMultipart20181113122823vmz-495ab65f-5bde-4adf-817d-d9599282cbaf-20146621.jpeg1542140629Image_ images_messages_5f91c3f4135b77e2478f8b15_a36e5d642c32994e6b1925393bfd80d1_RackMultipart20181113234141xgz-a7c94ddf-480d-4bba-9370-aa086ee30f2c-1797307799.jpeg1542140640
3 REPLIES 3

craig_burchfiel
New Contributor III
VPNs work at the Layer 2 level. 

Alas, no provision to deal with ports in L2 section.  Plus specifying MAC addresses won't be do-able.

Network protocol 115 will give you L2TP access control deny/allow possibilities. So use that in protocol number. Other comments in recent email.