Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
How to Block the Psiphon Application - Knowledge Base - Palo Alto Networks

How to Block the Psiphon Application

47994
Created On 09/25/18 17:15 PM - Last Modified 01/27/25 19:48 PM


Objective


Some applications must be blocked in order to stop Psiphon traffic.

Procedure


Psiphon is a tunneling application for evading censorship, however it provides no additional security for communications. The Psiphon site states, "Psiphon is designed to provide a channel to access content that is normally filtered. It is not a replacement for a secure communication environment. Psiphon will not secure e-mail, encrypt hard drive, or provide the user with end-to-end anonymity."

 

Psiphon uses 3 protocols:

  1. Http Proxy, which is based on newer revision documentation. SSL support has been added.
  2. SSH
  3. VPN: Ike/Ipsec/l2tp


In order to block the Psiphon, SSL and SSH decryption, as well as VPN traffic to internal segments, must be blocked.

It is very important to correctly block internal users only from using VPN related applications. Creating a rule that is too broad could potentially cause connectivity issues with remote sites.

 
Other users also viewed:
How to download GlobalProtect from the Customer Support Portal
Download and Install the GlobalProtect App for Windows
Resource List: GlobalProtect Configuring and Troubleshooting
PAN-OS Software Updates
Where to find the current preferred software versions? (PAN-OS, GlobalProtect, User-ID Agent, Plugins)
Results 1-5 of 194,145
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClDzCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language