Does Palo Alto block SoftEther VPN Client application??

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Does Palo Alto block SoftEther VPN Client application??

L3 Networker

Hello all,

 

Does anyone know whether Palo Alto can block the SoftEther VPN Client application?? Is a custom application needed to block that traffic??

 

Many thanks in advance.

 

Kind Regards,

Marcos.

1 accepted solution

Accepted Solutions

L4 Transporter

Hi Marcos,

 

Currently there is no App-ID for this, you can request one here:

 

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Request-a-new-App-ID/ta-p/60834

 

Or create a custom app.

 

Or you could find out the protocols and domains it uses and then create a rule to block these. You can run traffic through the firewall with a test rule and then see what traffic hits this rule and block those applications & URLS.

 

hope this helps,

Ben

View solution in original post

5 REPLIES 5

L5 Sessionator

If you cannot found any then custom application should be created make sure that custom application should be match any other traffic.

L4 Transporter

Hi Marcos,

 

Currently there is no App-ID for this, you can request one here:

 

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Request-a-new-App-ID/ta-p/60834

 

Or create a custom app.

 

Or you could find out the protocols and domains it uses and then create a rule to block these. You can run traffic through the firewall with a test rule and then see what traffic hits this rule and block those applications & URLS.

 

hope this helps,

Ben

Many thanks guys for your answers.

 

Best Regards,

Marcos.

L4 Transporter

Currently we don't have an App-ID for this application. As part of our App-ID best practices we recommend blocking protocols like IPSec/IKE and similar to unknown destinations on the internet. Could you let us know how this traffic is cucrently identified? Are you trying to block or allow?

 

 

-Thanks

The Palo Alto Networks App-ID Team 

L1 Bithead

Some users started to use SoftEther VPN client on our company which allows them to bypass URL Filtering policy. How can we allow them to use VPN client but still allow or block access to certain websites. We already implemented SSL decryption rule but it is not working when they are using SoftEther VPN. 

  • 1 accepted solution
  • 8142 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!