Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 18 replies
  • Subscribers 36 subscribers
  • Views 22133 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Blocking Psiphon, Ultrasurf, etc.

Deo Angelo Lim

Hi Guys,


Good day!

 

If you are having a problem on blocking these kind of applications. Do not hesitate that the application filtering of SophosXG is not working or do not even try to block it on IPS (Custom IPS). Its a matter of adjustments in Console. See steps below:

 

1. Log in as a Super administrator (username: admin)

2. Go to admin drop-down options and choose CONSOLE.

3. As usual you have to log in again.

4. Chose option 4 which is Device Console.

5. Type this command "show ips-settings", maxpkts should be in default value = 8, and you have to change the value to 70.

6. Run this command "set ips maxpkts 70".

7. Run again to double check "show ips-settings".

8. Then try to test again if these applications are blocked already.

 

Warm Regards,

Deo Angelo Lim



This thread was automatically locked due to age.
Parents
  • 0

    I am blocking Psiphon Proxy with below setup. And you must use https decryption for active scanning and blocking web/apps. Nearly %80 of services running on https.

     

    Source Zone Lan

    Destination Zone WAN

    Source Service - Any

    Destination Service DNS,FTP,HTTP,HTTPS,IMAP,SMTP(S),POP3,SMTP,ICMP (if you want)

    Scan Options
    SCAN HTTP
    SCAN HTTPS
    BLOCK GOOGLE QUIC
    SCAN FTP

    Web Filter
    None - Warn
    Uncategorized - Warn
    Anonymizers - Block
    IPAddress - Block
    Peer-to-peer & torrents - Block
    Radio & Audio Hosting - Block
    Sex Education - Block
    Sexually Explicit - Block
    Spam URLs - Block
    Spyware & Malware - Block
    Unauthorized Software Stores - Block
    Video hosting - Block

    App Filter
    HTTP Tunnel Proxy - Deny
    SSH - Deny
    DNS - Deny
    Proxy and Tunnel - Deny

Reply
  • 0

    I am blocking Psiphon Proxy with below setup. And you must use https decryption for active scanning and blocking web/apps. Nearly %80 of services running on https.

     

    Source Zone Lan

    Destination Zone WAN

    Source Service - Any

    Destination Service DNS,FTP,HTTP,HTTPS,IMAP,SMTP(S),POP3,SMTP,ICMP (if you want)

    Scan Options
    SCAN HTTP
    SCAN HTTPS
    BLOCK GOOGLE QUIC
    SCAN FTP

    Web Filter
    None - Warn
    Uncategorized - Warn
    Anonymizers - Block
    IPAddress - Block
    Peer-to-peer & torrents - Block
    Radio & Audio Hosting - Block
    Sex Education - Block
    Sexually Explicit - Block
    Spam URLs - Block
    Spyware & Malware - Block
    Unauthorized Software Stores - Block
    Video hosting - Block

    App Filter
    HTTP Tunnel Proxy - Deny
    SSH - Deny
    DNS - Deny
    Proxy and Tunnel - Deny

Children
No Data