I had to block TikTok on FortiGate, which is fine; however, students are now downloading “VPN - Super Unlimited Proxy” on the app store to bypass that. I’ve looked at creating a custom signature for the IPS and/or App Control, but I’m not sure how to create it (--service; --protocol;)…
Have you looked in the Proxy category? Or you could look at the traffic logs and what it is categorized as. My recommendation would be to block the entire Proxy category and then make exceptions as you need them.
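One way to do the log check suggested above, as an added example that is not part of the original post: a short Python script that groups exported traffic-log lines by application category and lists which sources got Proxy-category traffic through. The sample lines are constructed, and the field names (`srcip`, `action`, `app`, `appcat`) and the use of `deny` as the blocked action are assumptions about the export format.

```python
import shlex
from collections import Counter

# Constructed sample lines in FortiGate-style key=value traffic-log format
# (not real logs; addresses, app names and field selection are assumptions).
SAMPLE_LOGS = [
    'date=2024-01-15 time=09:12:01 srcip=10.20.1.15 dstport=443 action="accept" app="Example.VPN.App" appcat="Proxy"',
    'date=2024-01-15 time=09:12:40 srcip=10.20.1.15 dstport=443 action="accept" app="Example.VPN.App" appcat="Proxy"',
    'date=2024-01-15 time=09:13:02 srcip=10.20.1.22 dstport=443 action="deny" app="TikTok" appcat="Social.Media"',
    'date=2024-01-15 time=09:13:30 srcip=10.20.1.30 dstport=443 action="deny" app="Example.VPN.App" appcat="Proxy"',
    'date=2024-01-15 time=09:14:05 srcip=10.20.1.41 dstport=443 action="accept"',
]

def parse_line(line):
    """Split one key=value log line into a dict, honouring quoted values."""
    fields = {}
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields

def passed_by_category(lines):
    """Count sessions that were not denied, grouped by (appcat, app)."""
    counts = Counter()
    for line in lines:
        f = parse_line(line)
        if f.get("action") != "deny":  # assumption: "deny" marks a blocked session
            # Assumption: a line without appcat/app was not classified at all.
            counts[(f.get("appcat", "unclassified"), f.get("app", "unknown"))] += 1
    return counts

def sources_passing(lines, category="Proxy"):
    """Map source IP -> set of apps in `category` that the policy let through."""
    hits = {}
    for line in lines:
        f = parse_line(line)
        if f.get("appcat") == category and f.get("action") != "deny":
            hits.setdefault(f.get("srcip", "unknown"), set()).add(f.get("app", "unknown"))
    return hits

if __name__ == "__main__":
    for (cat, app), n in passed_by_category(SAMPLE_LOGS).most_common():
        print(f"{n:3d} passed  appcat={cat}  app={app}")
    for src, apps in sorted(sources_passing(SAMPLE_LOGS).items()):
        print(f"{src} reached Proxy-category apps: {', '.join(sorted(apps))}")
```

Sessions that show up as `unclassified` are worth a second look, since a category block can only act on traffic that was actually identified.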
We have several customers that run school campuses where VPN and proxy avoidance are blocked. We block on proxy avoidance and new domains; that way the proxies that run on https and are dynamic URLs are still getting caught by the webfilter. The students hate it because it also blocks the iCloud Privacy VPN garbage, but the customers are very happy.
If you bought it via a partner (Systems Integrator), ask them to open a case – FortiGate will create one in a jiffy (I know because I’m a Systems Integrator and we do these to some of our clients – we basically open up a case) – though as far as I know, you can open it directly tbh
EDIT: Reading other comments, I’m seeing that you could’ve possibly just misconfigured some settings. Also Web Filtering and Application Control work together; VPNs can really be tricky to capture, most especially if you don’t have SSL decryption enabled (which most users do).
I worked with support; they had changed TikTok to a porn category on one of my FortiGates to block it for us. They overrode the category for that one website; worked flawlessly.
If you don’t want to block all proxy avoidance type sites, but do want that one, you might want to look at overriding the category to one of your blacklisted categories.
Sometimes, technology is not the solution to everything. Administrators want to pass the buck and have tech solve the problem that is actually a disciplinary problem. Sure, you can block this VPN, but you’ll have to keep doing it over and over ad infinitum as more pop up. They will always find a way.