Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 8089 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How To Block Teamviewer accessing to PC's from outside Network on XG Firewall

Rizky Yugho

I want to ask about How To blocking Teamviewer accessing PC's in my network under XG Firewall from outside network?



This thread was automatically locked due to age.
Parents
  • 0

    It is kinda complicated to do so. 

    You would have to block the Teamviewer Port (Port 5938) and block all access to their servers port 443. But this would block teamviewer completely (no access from your network). 

    I guess, this is not possible on gateway level. Teamviewer relies on a communication to their server and it will build up a connection all the time as far as i know.

    Hence i would suggest to contact Teamviewer if such a configuration is possible within Teamviewer. 

  • 0 in reply to LuCar Toni

    i mean, what kind of configuration that i should set on My XG, i am very newbie for this XG Firewall.

    i appreciate if you have tutorial, or screenshoot of this configuration.

  • 0 in reply to Rizky Yugho

    Are you using https scanning and do you have the XG CA installed on your devices?

    You should be able to block team viewer with a mix of web and application policies.

    But as LuCar asked do you allow your staff to access team viewer for support outgoing?

    Ian

  • +1 in reply to Rizky Yugho

    Hello Rizky,

    We have two signatures on the application filter and would suggest to add these two signatures as per the snapshot and add them to your application filter which is applied on your firewall rules.

    You may refer this KBA as a reference in creating filter.

    I have tested this with no scanning on HTTP/HTTPS and the latest teamviewer version 14.2.2558 and IPS version 9.15.73.

  • 0 in reply to rfcat_vk

    my staff don't use teamviewer for outgoing support., but we have vendor who should often use teamviewer for 2 server in our network.

    so we want to block all user., except 2 IP for those servers.

  • 0 in reply to Rizky Yugho

    Hi Rizky,

    who initiates the connection to/from the servers? If it is always by your team then you can create firewall rule only allowing those two servers to access the support companies support IP address.

    Ian

Reply Children