Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 1005 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

not able to block Psiphon proxy from mobile

Kripasindhu Ghosh

Hi,

Dear All,

I am not able to block Psiphon proxy using through mobile after blocking all the tunnel / proxy / vpn base applicartion. I have also enabled https decriptions. 

If any more solution is ther ekindly help!



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    have you installed the CA on the phone? Do you have limited ports available rather than any?
    ian

  • +1 in reply to rfcat_vk

    Thanks for the reply!
    I have installed the CA in the mobile.The port related point is not clear. Are you asking about the physical ethernet ports of my firewall. Its XG115 (SFOS 18.5.1 MR-1-Build326) and all ports are in use.  

  • +1 in reply to Kripasindhu Ghosh

    In the firewall rule you need to limit which ports you allow rather than using any. You should use http/s.

    ian

  • 0 in reply to rfcat_vk

    Thanks for the reply!
    After allowing only http/s services, proxy is blocking but Whatsapp, MS Teams and other VOIP like services not working. if im enabling UDP for the VOIP, its helping  Psiphon to start working. 



    Any solution to restore this issue. Kindly suggest. 

  • 0 in reply to Kripasindhu Ghosh

    Hi,

    You need to setup exceptions to the failing applications in the web exceptions. Further you will need to create new firewall rule that'd allows the VoIP devices only and points at the VoIP provider server address as well as limiting the ports used by the VoIP devices.

    Ian

  • 0 in reply to rfcat_vk

    Thanks for the reply,

    I have created one Rule with Mobile IP address to WhatsApp server Public IP address for only WhatsApp service (Service with WhatsApp specific Ports) but failed to enable the WhatsApp communication.  Its showing connecting and downloading and uploading the Images failed. When capturing the packet and filtering with violation, nothing is showing. If possible kindly guide about the next steps. Regarding the Web exceptions, how to use it in the case of WhatsApp application. If possible please advice. 

    WhatsApp used ports: UDP Ports: 34784, 45395, 50318, 59234, TCP Ports: 443, 80, 4244, 5222, 5223, 5228,50318, 59234 & 5242.  WhatsApp Server Public Ip Address: 66.111.48.0/255.255.252.0,66.111.48.0/255.255.255.0,66.111.49.0/255.255.255.0,66.111.50.0/255.255.255.0, 66.111.51.0/255.255.255.0). 

    With Regards,

    KS Ghosh 

Reply
  • 0 in reply to rfcat_vk

    Thanks for the reply,

    I have created one Rule with Mobile IP address to WhatsApp server Public IP address for only WhatsApp service (Service with WhatsApp specific Ports) but failed to enable the WhatsApp communication.  Its showing connecting and downloading and uploading the Images failed. When capturing the packet and filtering with violation, nothing is showing. If possible kindly guide about the next steps. Regarding the Web exceptions, how to use it in the case of WhatsApp application. If possible please advice. 

    WhatsApp used ports: UDP Ports: 34784, 45395, 50318, 59234, TCP Ports: 443, 80, 4244, 5222, 5223, 5228,50318, 59234 & 5242.  WhatsApp Server Public Ip Address: 66.111.48.0/255.255.252.0,66.111.48.0/255.255.255.0,66.111.49.0/255.255.255.0,66.111.50.0/255.255.255.0, 66.111.51.0/255.255.255.0). 

    With Regards,

    KS Ghosh 

Children
No Data