Meraki

Community

Blocking P2P at Layer 7 - Does VPN circumvent?

RumorConsumer
Head in the Cloud
‎Oct 1 2019 11:45 AM
‎Oct 1 2019 11:45 AM

Blocking P2P at Layer 7 - Does VPN circumvent?

I think this is wise for me as I have a lot of guests come and go. So I switched it on on my WLAN, both SSIDs - regular and guest. I don't want any complaints. 

 

If somebody decides to torrent and they use a VPN, it will likely evade this rule, but then it would also evade anybody in law enforcement who would blame us, right? 

 

 

Bonus points - For that matter, does VPN circumvent all Layer 7 rules? 

Networking geek since high school where I got half of a CCNA. Played Marathon II and Infinity over localtalk.
Made many a network over the years, now de facto admin of a retreat center with some of this fine Meraki hardware.
Fortune 100 Tech veteran/refugee.
0 Kudos
10 Replies 10
CptnCrnch
Kind of a big deal
Kind of a big deal
‎Oct 1 2019 11:55 AM
‎Oct 1 2019 11:55 AM

Damn right, sir. The only thing the infrastructure will see is the VPN tunnel. Everything that‘s inside of it is being effectively hidden...which is the definite reason to use it. 😉

 

For that matter, VPN will also circumvent Layer 7 rules. The only Layer 7 rule coming into play is the one for the „outer“ traffic, aka VPN tunnel.

In response to CptnCrnch
RumorConsumer
Head in the Cloud
‎Oct 1 2019 11:56 AM
‎Oct 1 2019 11:56 AM

Ok this is fine. I don't care if people do it as long as its protected. My bandwidth rules will still apply which is really what I care about. 

Networking geek since high school where I got half of a CCNA. Played Marathon II and Infinity over localtalk.
Made many a network over the years, now de facto admin of a retreat center with some of this fine Meraki hardware.
Fortune 100 Tech veteran/refugee.
0 Kudos
Nash
Kind of a big deal
‎Oct 1 2019 11:57 AM
‎Oct 1 2019 11:57 AM

If you had an MX, you could try blocking 'proxies and anonymizers' to help with this but uh... I think you'd have a lot of angry customers. It also wouldn't solve the problem of people using private RA VPN setups.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
RumorConsumer
Head in the Cloud
‎Oct 1 2019 12:03 PM
‎Oct 1 2019 12:03 PM

I want to force people to be safe about it and not expose us to problems. So if I ban it from Layer 7 in those settings and they find a way around my protection and law enforcement at the same time thats on them. 

Networking geek since high school where I got half of a CCNA. Played Marathon II and Infinity over localtalk.
Made many a network over the years, now de facto admin of a retreat center with some of this fine Meraki hardware.
Fortune 100 Tech veteran/refugee.
0 Kudos
In response to RumorConsumer
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Oct 1 2019 12:20 PM
‎Oct 1 2019 12:20 PM

@RumorConsumer  Yes users will be able to use P2P software over VPN, that is why so many VPN app's have shown up in the last 2-3 years as a means of getting around content filtering and application firewalls. 

 

VPN is part of a teenagers lingo these days. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
In response to BlakeRichardson
RumorConsumer
Head in the Cloud
‎Oct 1 2019 2:35 PM
‎Oct 1 2019 2:35 PM

Party on crazy teenagers with their encrypted tunnels. Never change.

Networking geek since high school where I got half of a CCNA. Played Marathon II and Infinity over localtalk.
Made many a network over the years, now de facto admin of a retreat center with some of this fine Meraki hardware.
Fortune 100 Tech veteran/refugee.
0 Kudos
In response to RumorConsumer
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Oct 1 2019 3:12 PM
‎Oct 1 2019 3:12 PM

Whats next the warn on VPN?

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to BlakeRichardson
RumorConsumer
Head in the Cloud
‎Oct 1 2019 3:51 PM
‎Oct 1 2019 3:51 PM

Haha thats funny. VPNs are corrupting America's youth.

Networking geek since high school where I got half of a CCNA. Played Marathon II and Infinity over localtalk.
Made many a network over the years, now de facto admin of a retreat center with some of this fine Meraki hardware.
Fortune 100 Tech veteran/refugee.
0 Kudos
In response to RumorConsumer
Nash
Kind of a big deal
‎Oct 1 2019 6:42 PM
‎Oct 1 2019 6:42 PM

Nahhhhh, trust me, the youth have been perfectly capable of corrupting themselves since we were all youth. It's the joy of growing up.

Windows 10 Client VPN scripts: Makes life better!
0 Kudos
In response to Nash
RumorConsumer
Head in the Cloud
‎Oct 1 2019 6:52 PM
‎Oct 1 2019 6:52 PM

Yes that was dry sarcasm. I’m one of em. Er, was?
Networking geek since high school where I got half of a CCNA. Played Marathon II and Infinity over localtalk.
Made many a network over the years, now de facto admin of a retreat center with some of this fine Meraki hardware.
Fortune 100 Tech veteran/refugee.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.