3rd party VPN software

eLvs
Getting noticed

3rd party VPN software

we are currently using mx 100 firewall and some of our user have 3 party vpn like nord vpn, and when using this vpn routing to the US the meraki policy are not working anymore, like the layer 7 and layer 3 firewall rules, is there a way where even the user uses its 3rd party VPN assign policy rules still works? 

6 Replies 6
Brash
Kind of a big deal
Kind of a big deal

The Meraki firewall rules can't take effect because the user's traffic is being tunneled through the VPN. All the MX would see is traffic destined for the VPN provider.

 

You'd be better off blocking the 3rd party VPN providers to prevent users from using them.

eLvs
Getting noticed

they use the VPN for the country restriction that is needed to complete their task, i thing the host file will be our last resort on this to block unwanted sites to be visited but alot of sites to be listed 
thanks bro

BlakeRichardson
Kind of a big deal
Kind of a big deal

Welcome to the nightmare that is VPN's. Yes you can block VPN at an application level but new ones come out every day and it's really a game of cat and mouse.

 

The average person doesn't need a VPN even if their favourite Youtube channel tells them they do. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
eLvs
Getting noticed

i think it is not possible on the layer 7 firewall there is no application for VPN and also on layer 3, is it possible to block it in the block list url patterns? 

tnx bro 

KarstenI
Kind of a big deal
Kind of a big deal

And always remember: Using an anonymity VPN only means that now someone else can spy on you.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
eLvs
Getting noticed

their VPN is allowed and paid but its risky since they dont have any restrictions 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels