https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/350012#M86920 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/155233">@DWilkin</a> ,</P> <P>&nbsp;</P> <P>How is the traffic being identified ? Are you decrypting (if possible) ?</P> <P>&nbsp;</P> <P>You could try blocking encrypted tunnel and proxy traffic.&nbsp; But you might be blocking too much this way.</P> <P>In addition you can block IP addresses that the app is using.</P> <P>&nbsp;</P> <P>Cheers,</P> <P>-Kiwi.</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> Thu, 17 Sep 2020 09:57:45 GMT kiwi 2020-09-17T09:57:45Z https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/348474#M86742 <P>Hi All,</P><P>&nbsp;</P><P>Just wondering if anyone has a solution in creating either an application id for proton vpn, and or other methods in preventing users from bypassing the palo firewall.</P><P>&nbsp;</P><P><A href="https://protonvpn.com/" target="_blank">https://protonvpn.com/</A></P><P>&nbsp;</P><P>I have discovered today that this application is not being blocked or denied access from internal users.</P><P>Thanks</P><P>Regards</P><P>Daniel</P> Fri, 11 Sep 2020 08:01:08 GMT https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/348474#M86742 DWilkin 2020-09-11T08:01:08Z https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/350012#M86920 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/155233">@DWilkin</a> ,</P> <P>&nbsp;</P> <P>How is the traffic being identified ? Are you decrypting (if possible) ?</P> <P>&nbsp;</P> <P>You could try blocking encrypted tunnel and proxy traffic.&nbsp; But you might be blocking too much this way.</P> <P>In addition you can block IP addresses that the app is using.</P> <P>&nbsp;</P> <P>Cheers,</P> <P>-Kiwi.</P> <DIV id="ConnectiveDocSignExtentionInstalled" data-extension-version="1.0.4">&nbsp;</DIV> Thu, 17 Sep 2020 09:57:45 GMT https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/350012#M86920 kiwi 2020-09-17T09:57:45Z https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/350257#M86947 <P>Hi Kiwi,</P><P>&nbsp;</P><P>Doing some deeper log searchers it appears that open-vpn is capturing and recording users use of proton vpn application. Currently checking and creating restrictions on the app-id open vpn for these group of users. Will advise once I have had time to perform some testing.</P><P>Appreciate your response and input though - cheers.</P> Fri, 18 Sep 2020 00:01:56 GMT https://live.paloaltonetworks.com/t5/general-topics/prevent-user-traffic-from-proton-vpn-application/m-p/350257#M86947 DWilkin 2020-09-18T00:01:56Z