How to block VPN connections through Firewall?
A VPN uses certain services like PPTP over a network, which means a VPN uses a certain encrypted channel, and this is called protocol tunneling.
The basic blocking method involves blocking the ports used by these VPNs, which can be identified by a network expert and could be blocked on the firewall.
Do you know other ways to block VPN connections through firewall? Do post them below!
There are usually two configurations (at least in good firewalls/DPI):
Content filtering for URL filtering. Application layer rules for applications. Correct term would be services instead of applications.
The really interesting part would be "how is it done".
Yes, URL filtering works just on the application layer. But using a VPN allows someone to tunnel a connection. A VPN either uses a TLS connection on the firewall's open ports or it creates a tunnel (uses a different port which usually does not go through the firewall).
But today's VPNs also allow one to connect to a different country's server to get info which is blocked or restricted.
Working on creating a network level block is the way to restrict VPN connections.
Why do we block VPN connections?
Depending on what type of VPN, it might not require deep packet inspection.
If it’s an IPSec VPN, then not permitting UDP 500 (and potentially: AH & ESP) will prevent connectivity.
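An added example, not part of the thread: a first-match audit of a simplified rule list against the IPsec traffic the last reply names (UDP 500, ESP, AH). The rule format and the sample policies are constructed for illustration, and UDP 4500 (IPsec NAT traversal) is included as an assumption beyond the post.

```python
# IPsec flows to test. UDP 500 (IKE), ESP (IP protocol 50) and AH (IP
# protocol 51) come from the post. UDP 4500 is added here: IKE and
# UDP-encapsulated ESP use it for NAT traversal (RFC 3947/3948, RFC 7296).
IPSEC_PROBES = [
    ("ike", "udp", 500),
    ("ike-nat-t", "udp", 4500),
    ("esp", "esp", None),   # ESP and AH are IP protocols with no ports
    ("ah", "ah", None),
]

def matches(rule, proto, dport):
    """True if a rule (hypothetical dict format) covers this flow."""
    if rule["proto"] not in ("any", proto):
        return False
    ports = rule.get("dports")          # None means "any port"
    if ports is None:
        return True
    return dport is not None and dport in ports

def verdict(rules, default, proto, dport):
    """First matching rule wins, as on most packet filters."""
    for rule in rules:
        if matches(rule, proto, dport):
            return rule["action"]
    return default

def ipsec_leaks(rules, default="deny"):
    """Names of the IPsec flows the policy still lets through."""
    return [name for name, proto, dport in IPSEC_PROBES
            if verdict(rules, default, proto, dport) == "allow"]

# Constructed sample policies.
ONLY_IKE_BLOCKED = [{"action": "deny", "proto": "udp", "dports": {500}}]
FULL_BLOCK = [
    {"action": "deny", "proto": "udp", "dports": {500, 4500}},
    {"action": "deny", "proto": "esp"},
    {"action": "deny", "proto": "ah"},
]
# A broad allow placed first shadows the later UDP deny.
SHADOWED = [{"action": "allow", "proto": "udp"}] + FULL_BLOCK

if __name__ == "__main__":
    print(ipsec_leaks(ONLY_IKE_BLOCKED, default="allow"))
    print(ipsec_leaks(FULL_BLOCK, default="allow"))
    print(ipsec_leaks(SHADOWED, default="deny"))
```

Rule order matters as much as rule content: the `SHADOWED` policy contains every deny from `FULL_BLOCK` yet still passes IKE, because the earlier UDP allow matches first.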