Meraki Community

Naw2

Dear All,

I have configured Splash page for guest wireless with billing. Now, I'm facing some issue. My issue is end user can access internet without login to splash page. I have configured Advanced splash settings >> Captive portal strength >> Block all access until sign-on is complete. But, they can bypass our splash page using Thunder VPN. So, I would like to know how to block Thunder VPN traffic and services port in MX-100.

Please help to find the solution for my issue.

Thanks

Naw2

Brash

You can enable the "Proxy Avoidance and Anonymizers". content filter category

However it may be hit or miss for certain private VPN's.

Naw2

Hi,

I can't find "Proxy Avoidance and Anonymizers" in my content filter category.

Please check the following;

Please help to find the best solution. Thanks for your help.

Naw2

Brash

You're right, the category changed and is now split out to "Personal VPN"

cmr

As it looks like @Naw2 already has that category blocked, I'd install it on a client and see what servers it connects to to get started. You can then create a rule to block those. From the reviews I've seen they don't have many IPs per country, so whilst it will be a little bit of effort, it won't be that bad.

PhilipDAth

Try capturing "port 53" as it starts up and connects. Note all the DNS entries it talks to. Create a firewall rule to block those DNS entries.

evaelfie

Reinforce Captive Portal Rules: Ensure your captive portal settings are strictly configured to block all internet access until successful authentication.
Detect VPN Traffic: Implement deep packet inspection (DPI) to identify VPN traffic qatar visa check, patterns and redirect users to the captive portal.
Update Firmware: Keep your MX-100 firmware up-to-date for the latest security features and bug fixes.

Meraki Community

How to block Thunder VPN traffic and service port in MX-100?

How to block Thunder VPN traffic and service port in MX-100?