Dear All,
I have configured Splash page for guest wireless with billing. Now, I'm facing some issue. My issue is end user can access internet without login to splash page. I have configured Advanced splash settings >> Captive portal strength >> Block all access until sign-on is complete. But, they can bypass our splash page using Thunder VPN. So, I would like to know how to block Thunder VPN traffic and services port in MX-100.
Please help to find the solution for my issue.
Thanks
Naw2
You can enable the "Proxy Avoidance and Anonymizers". content filter category
However it may be hit or miss for certain private VPN's.
Hi,
I can't find "Proxy Avoidance and Anonymizers" in my content filter category.
Please check the following;
Please help to find the best solution. Thanks for your help.
Naw2
You're right, the category changed and is now split out to "Personal VPN"
As it looks like @Naw2 already has that category blocked, I'd install it on a client and see what servers it connects to to get started. You can then create a rule to block those. From the reviews I've seen they don't have many IPs per country, so whilst it will be a little bit of effort, it won't be that bad.
Try capturing "port 53" as it starts up and connects. Note all the DNS entries it talks to. Create a firewall rule to block those DNS entries.
Reinforce Captive Portal Rules: Ensure your captive portal settings are strictly configured to block all internet access until successful authentication.
Detect VPN Traffic: Implement deep packet inspection (DPI) to identify VPN traffic qatar visa check, patterns and redirect users to the captive portal.
Update Firmware: Keep your MX-100 firmware up-to-date for the latest security features and bug fixes.