hi
I need to block VPN access for all computers in my network and allow only that who need it for work
How I can do that I have rb2011 V6.45.2
That really isn’t possible…
please explain why
I saw a video on you tube blocking some ports for vpn access such as pptp but I need to see it again
There are so many VPN programs and so many that use common ports like 443 that it is impossible to block them.
There are even VPN programs that work via DNS! Those often even work when you have a hotspot and the user has no account/ticket.
Really, when you “need to block” you should not offer internet access at all.
thank you
The correct method is to allow the necessary services and then block all other traffic on forward chain!
But that is usually not practical either. There is no easy way to allow a service like a generic website, and even allowing
generic services like a DNS resolver which recurses to internet DNS (rather than serving only static names) will open up your
router for determined people wanting to setup a VPN.