cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How To Block Fortnite

SOLVED
Conversationalist

How To Block Fortnite

I've got someone asking me to block the game Fortnite at their office.  The trouble is that it appears to be hosted in AWS and the servers are dynamic.  Anyone run into this or have any suggestions on how to do it?

1 ACCEPTED SOLUTION

Accepted Solutions
Getting noticed

Re: How To Block Fortnite

Heh... check this out. I did this for our school, Fortnite will load, but with ping times of well over 1000ms its mostly useless! To find this information, i loaded up the game on a work computer and did a wireshark capture, from there i made this rule. Works wonders!2018-04-27 08_47_35-Traffic Shaping - Meraki Dashboard.png

 

Message from Meraki

 

Hi there!  We have noticed that this thread is one of the top Google search results for “How to block Fortnite” (and similar queries).  Given this thread’s popularity, many of you will see it and perhaps have no idea what this “Meraki” thing is.  If that’s you, allow us to answer that.

 

Meraki is the “cloud managed networking” segment of Cisco Systems.  Meraki became a part of Cisco in 2012, became one of their most successful acquisitions ever, and is now a multi-billion dollar business inside of Cisco and growing rapidly.  Cisco Meraki is all about IT simplicity, and we develop cloud-managed IT infrastructure (access points, switches, security appliances, cameras, and software for mobile device management and application analytics), with rich enterprise feature sets, combined with the world’s simplest and most intuitive IT management solution, the Meraki Dashboard.  Our mission in all we develop is to provide powerful technology that simply works, and is all centrally managed from any browser, on any device, from any place at any time.  A Meraki solution monitors its own health, keeps itself up to date, allows automation with open APIs, and can alert you when things go wrong.

 

Setting up things for online gaming like traffic shaping, application blocking, and content filtering are simple and intuitive to set up in the Meraki Dashboard with just a few clicks.  If you are hearing of Meraki for the first time, please watch this video for a 2-minute introduction.  And please join us for an upcoming webinar (and get a free AP if eligible), or check out this webinar recording for an Introduction to Cloud Managed IT with Meraki.  If you would like a free trial of some Meraki equipment, that’s also simple to do right here.

16 REPLIES 16
Getting noticed

Re: How To Block Fortnite

Heh... check this out. I did this for our school, Fortnite will load, but with ping times of well over 1000ms its mostly useless! To find this information, i loaded up the game on a work computer and did a wireshark capture, from there i made this rule. Works wonders!2018-04-27 08_47_35-Traffic Shaping - Meraki Dashboard.png

 

Message from Meraki

 

Hi there!  We have noticed that this thread is one of the top Google search results for “How to block Fortnite” (and similar queries).  Given this thread’s popularity, many of you will see it and perhaps have no idea what this “Meraki” thing is.  If that’s you, allow us to answer that.

 

Meraki is the “cloud managed networking” segment of Cisco Systems.  Meraki became a part of Cisco in 2012, became one of their most successful acquisitions ever, and is now a multi-billion dollar business inside of Cisco and growing rapidly.  Cisco Meraki is all about IT simplicity, and we develop cloud-managed IT infrastructure (access points, switches, security appliances, cameras, and software for mobile device management and application analytics), with rich enterprise feature sets, combined with the world’s simplest and most intuitive IT management solution, the Meraki Dashboard.  Our mission in all we develop is to provide powerful technology that simply works, and is all centrally managed from any browser, on any device, from any place at any time.  A Meraki solution monitors its own health, keeps itself up to date, allows automation with open APIs, and can alert you when things go wrong.

 

Setting up things for online gaming like traffic shaping, application blocking, and content filtering are simple and intuitive to set up in the Meraki Dashboard with just a few clicks.  If you are hearing of Meraki for the first time, please watch this video for a 2-minute introduction.  And please join us for an upcoming webinar (and get a free AP if eligible), or check out this webinar recording for an Introduction to Cloud Managed IT with Meraki.  If you would like a free trial of some Meraki equipment, that’s also simple to do right here.

Kind of a big deal

Re: How To Block Fortnite

You could use a layer 3 firewall rule and block the FQDN and ports give in the traffic shapping example.

 

You could probably also use content filtering and block "Gaming",

Conversationalist

Re: How To Block Fortnite

Yeah - that's what I wanted to do.  I just can't find any documentation online of what ports or destinations fortnite can be found at.

Kind of a big deal

Re: How To Block Fortnite

Here is what I would do.  Start with the gaming device off.  Start a packet capture of all DNS queries.  Start up the gaming device, and then the game.  Stop the packet capture.

 

Now you have a list of the DNS names it needs to work.  Chances are one of them is used to login or verify that the game is legal and legit.  There is possible one or more domains used to start the actual game as well.

 

Now that you have these, create a firewall rule blocking these domain names using FQDN rules.

https://documentation.meraki.com/MX-Z/Firewall_and_Traffic_Shaping/Firewall_Settings#FQDN_Support

 

 

I'm thinking you'll be finished the whole job in 15 minutes.

Kind of a big deal

Re: How To Block Fortnite


@PhilipDAth wrote:

Here is what I would do.  Start with the gaming device off.  Start a packet capture of all DNS queries.  Start up the gaming device, and then the game.  Stop the packet capture.

 

Now you have a list of the DNS names it needs to work.  Chances are one of them is used to login or verify that the game is legal and legit.  There is possible one or more domains used to start the actual game as well.

 

Now that you have these, create a firewall rule blocking these domain names using FQDN rules.

https://documentation.meraki.com/MX-Z/Firewall_and_Traffic_Shaping/Firewall_Settings#FQDN_Support

 

 

I'm thinking you'll be finished the whole job in 15 minutes.


That 15 minutes will be deducted from your paycheck though.

Building a reputation

Re: How To Block Fortnite

According to the Epic Games web site the ports 80, 433 and 5220 are the ports uses, so that may be a little awkward.

 

However they state that epicgames.com must be accessible to play, so I guess a layer 7 rule for that domain would be a good place to start.

 

http://fortnitehelp.epicgames.com/customer/en/portal/articles/2443365-network-connectivity-troublesh...

lcw
New here

Re: How To Block Fortnite

It's best to block Fortnite by DNS or TLS SNI. But if you can't for some reason, you can still block it by IP address.

 

 

I've been maintaining an IP list at http://beeline.org/fortnite for both Fortnite (~700 IP's) and Twitch (~150 IP's). The lists seem to grow every time my kid plays!

 

Building a reputation

Re: How To Block Fortnite

I forced myself to visit this as initial tests revealed that I think Fortnite is absolutely awful for so many reasons and I have played PvP games since they were first available (including way back to Midi Maze and (nc-)snipes.)

 

Interestingly there is a difference between platforms for the way endpoints are dealt with

 

The Nintendo Switch version is nice as it uses the expected epicgames.com domain names.

 

However the XBox uses some of the IP addresses, which I assume are gathered via the XBox Live service (as it isn't routed purely through the MS service.)

 

Edit: The dame doesn't directly connect to the Epic authentication serves the first time you play it (if you select 'Use my Gamer Tag')

After that it uses ol.epicgames.com so a L7 rule on epicgames.com does allow you to play with connectivity/throughput till your heart is content.

I don't know what the Playstation 4 uses as I don't have access to one at the moment.

New here

Re: How To Block Fortnite

What program did you use to create the rule?

Building a reputation

Re: How To Block Fortnite

In my case I simply created a L7 firewall rule on my MX64 as shown in the attached image (though I have disabled it by adding zzz to the URL as one of the offspring would not have been too happy if left the block in place)Block Fortnite.PNG

New here

Re: How To Block Fortnite

Hi, I was wondering if I could use this same software but instead to lower my ping instead of make it in the thousands for fortnite. The only other way to do this is by buying a $200 router that has DumaOs geo filter capabilities. 

Kind of a big deal

Re: How To Block Fortnite


@issathor wrote:

Hi, I was wondering if I could use this same software but instead to lower my ping instead of make it in the thousands for fortnite. The only other way to do this is by buying a $200 router that has DumaOs geo filter capabilities. 


I guess if the issue of high lag is caused by the game choosing a server that is not in your region, the GeoIP firewall rules could help. But you need an MX firewall and the advanced security license for that. That'll cost at least that. It's not "software".

Highlighted
Building a reputation

Re: How To Block Fortnite

The only thing I could think of is of Epic have a peering agreement with your ISP (which I doubt) you could possibly edit a hosts file on your machine to point epic.com (and whatever other servers) to the service your ISP is directly connected to.

 

However I don't know enough about Fortnite to say if this is the case.

Here to help

Re: How To Block Fortnite

Find out who is playing the game at work and for how long, then deduct that time from their paycheck. If they can still complete their work, then they are being efficient and your company will save money by only paying them for the time they worked.  They can be rewarded for their efficiency by using their leftover time to either complete more work for more pay, or have unpaid time to play games. If they don't complete their work, then you can replace them with someone else who would rather get paid then play games.  I think allowing people to be responsible for themselves as much as possible is the best method for cases like this.  Otherwise, you will always be playing whack-a-mole with every new time-wasting app/game/site.  This also forces managers to pay attention to their employees, instead of relying on the I.T. police while they play games too 😉

Conversationalist

Re: How To Block Fortnite

Not disagreeing at all.  But I'm an IT consultant and it's not my place to do that for them!  They asked more for something specific and it's my job to deliver it.

Meraki Employee

Re: How To Block Fortnite

Hi there!  We have noticed that this thread is one of the top Google search results for “How to block Fortnite” (and similar queries).  Given this thread’s popularity, many of you will see it and perhaps have no idea what this “Meraki” thing is.  If that’s you, allow us to answer that.

 

Meraki is the “cloud managed networking” segment of Cisco Systems.  Meraki became a part of Cisco in 2012, became one of their most successful acquisitions ever, and is now a multi-billion dollar business inside of Cisco and growing rapidly.  Cisco Meraki is all about IT simplicity, and we develop cloud-managed IT infrastructure (access points, switches, security appliances, cameras, and software for mobile device management and application analytics), with rich enterprise feature sets, combined with the world’s simplest and most intuitive IT management solution, the Meraki Dashboard.  Our mission in all we develop is to provide powerful technology that simply works, and is all centrally managed from any browser, on any device, from any place at any time.  A Meraki solution monitors its own health, keeps itself up to date, allows automation with open APIs, and can alert you when things go wrong.

 

Setting up things for online gaming like traffic shaping, application blocking, and content filtering are simple and intuitive to set up in the Meraki Dashboard with just a few clicks.  If you are hearing of Meraki for the first time, please watch this video for a 2-minute introduction.  And please join us for an upcoming webinar (and get a free AP if eligible), or check out this webinar recording for an Introduction to Cloud Managed IT with Meraki.  If you would like a free trial of some Meraki equipment, that’s also simple to do right here.

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.