Block Psiphon App

Hi, 

Based on my experience on blocking psiphon in Sophos XG, first block it in the application control and web filtering then enable "decrypt and scan" in the policy where the traffic would pass and create a policy that would block outbound SSH connectivity.

Hope that helps, let us know if that worked for you.

Regards,

Rap

 SW INFO:

-Eve-NG

-Sophos XG qcow v16.05.3

PROBLEMS:

1. Psiphon still can connect

What steps I miss

tq

Hi,

did you configure blocking of proxy and tunnels in web filtering? and please try configure blocking of outbound ssh connectivity. 

kindly let us know of the outcome.

regards,

Create Application Filter with "Proxy and Tunnels" category selected

Create Web Filter with Anonymizers selected

SSH out allowed or disallowed both doesn't stop blocking Psiphon

Create Firewall Rule

RESULT:

1. Psiphon can still connected

2. ZenMate Blocked

Hi,

i have the same problem,PSIPHON3 still working.

iam on XG-FIREWALL 'SFV2C4'.

i tryed boking IP's pool, but there is to much.

Cordially.

hi,

have you enabled https decrypt and scan for this policy?

Hi,

it's not possible for me to enable https decrypt.

the users receive a lot of message of the unknows certificate all the time, and lot of mail service are blocked “Your connection is not privacy”.

mmmmmmmm.

cordially.

You will need to setup a seperate rule for your mail clients to reduce the affects of decrypt and scan.

Outlook mail will fail with decrypt and scan and will not pass your mail rule, but will go through your general rule. The mail decrypt and scanning is limited to ports provided by Sophos so you can't use other ports.

Ian

You will need to setup a seperate rule for your mail clients to reduce the affects of decrypt and scan.

Outlook mail will fail with decrypt and scan and will not pass your mail rule, but will go through your general rule. The mail decrypt and scanning is limited to ports provided by Sophos so you can't use other ports.

Ian