Meraki

Community

Blocking Remote/VPN Website Client Access IE..joinme, teamviewer, etc...

kc
Comes here often
‎Mar 22 2018 7:15 AM
‎Mar 22 2018 7:15 AM

Blocking Remote/VPN Website Client Access IE..joinme, teamviewer, etc...

Other than blocking all the sites, at the filter/URL Blocking, is there a way to block all or a majority of theses sites.  We have the categories filtering selected as well, but end users are still able to use.  Port blocking, like URL's, have a wide range.  Obviously can't add them all, especially 443.  Just seeing what others are doing to to block this with a blanket rule or filter and not have to granularly block each url website.

 

We have the MX400.  

 

Thanks for any help you can provide.

0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 22 2018 7:18 AM
‎Mar 22 2018 7:18 AM

I don't understand what you are asking.  Have you looked at using FQDN firewall rules instead of content filtering?

 

https://documentation.meraki.com/MX-Z/Firewall_and_Traffic_Shaping/Firewall_Settings#FQDN_Support

0 Kudos
In response to PhilipDAth
kc
Comes here often
‎Mar 22 2018 7:44 AM
‎Mar 22 2018 7:44 AM

If I were to use FQDN, as you suggested, then we would have to find every destination (URL) and all their different ports to add.  I work in education, deploy 2500 devices, and trust me students/faculty will find a URL that maybe we would miss.  This method doesn't seem to efficient to me.  I'll put in the leg work, but my question was can this be done with, say a Layer 7 category denial.  Like Remote monitoring and management?  That way it is a blanket for these website and we don't have to input each new URL that comes out.  

 

I actually researched this question, in the community, and your suggestion to someone else was to check Proxy Avoidance and Anonymizers in the Category Filter.  We have had that category blocked and it didn't work.  

0 Kudos
In response to kc
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 22 2018 12:14 PM
‎Mar 22 2018 12:14 PM

I still don't understand what you want.

 

You say you would have to find all the URLs - all the URL's for what?  What do you actually want to block?

0 Kudos
In response to PhilipDAth
kc
Comes here often
‎Mar 22 2018 12:35 PM
‎Mar 22 2018 12:35 PM

Ok, I will type slower.......I want to block... ANY... "Remote Access/ VPN Client" website.  Instead of putting all of the URL's like.....logmein, teamshare, realvnc, showmypc, gotomypc, screenconnect, splashtop, ultravnc, anydesk, and the hundreds more that we don't know about into Layer 3 and then finding and adding their ports.  Which some use 443 which is a no go on blocking.  Is it possible to block these types of sites with the filter, rule, or category, anything?

0 Kudos
In response to kc
MPiechota
Conversationalist
‎Apr 20 2018 10:02 AM
‎Apr 20 2018 10:02 AM

Did you have any luck with a solution from any other sources?  Similar situation here.  VPNs breed worse than rabbits.  I've been blocking full CIDR IP blocks and I'm making some headway, but every day there's a new one.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.