Is it possible to block Tor Browser when connected to a VPN via Cisco AnyConnect

Question

In terms of firewalls I am a beginner (just bought my first XG). I want to set up a policy that blocks Tor Browser (so a user inside the network can't use Tor to surf the internet), for this case I found some threads and discussions. But while in general the use of proxies, tunnels and other anonymizing techniques should be blocked on the network, establishing a VPN connection to a particular university network should be possible. The VPN is established via Cisco AnyConnect Client. I want to make sure that even when using this VPN, a user is not able to use Tor Browser. Will this be possible (despite this limitation)? Which protections will I need, is web protection enough or will I need network protection as well?

This thread was automatically locked due to age.

Bowale Oyenuga · Answer

Check this video out and Kindly subscribe to my channel for more technical know-how on Sophos XG firewall

rfcat_vk · Answer

Hi, 
 There are two basic scenarios :- 
 1/. The applications are seen by the firewall 
 a) using application and web poiicies after you install the XG CA on your devices. 
 b) the connections are going through the web proxy and using known protocols. 
 c) the VPNs originate or terminate on the firewall. 
 in this case you can block TOR. 
 
 2/. The VPNs start on the users device 
 a) the firewall will not be able to inspect the traffic within the VPN because it does not have the details of the connection eg shared key, negotiated connection security settings. 
 In this case you will not be able to block TOR. 
 Ian

Bowale Oyenuga · Answer

Using Cisco anyConnect, the XG only respond to connection, it does not initiate it..