- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
01-21-2016 08:22 AM
Hello all,
Does anyone know whether Palo Alto can block the SoftEther VPN Client application?? Is a custom application needed to block that traffic??
Many thanks in advance.
Kind Regards,
Marcos.
01-21-2016 08:43 AM
Hi Marcos,
Currently there is no App-ID for this, you can request one here:
https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Request-a-new-App-ID/ta-p/60834
Or create a custom app.
Or you could find out the protocols and domains it uses and then create a rule to block these. You can run traffic through the firewall with a test rule and then see what traffic hits this rule and block those applications & URLS.
hope this helps,
Ben
01-21-2016 08:42 AM
If you cannot found any then custom application should be created make sure that custom application should be match any other traffic.
01-21-2016 08:43 AM
Hi Marcos,
Currently there is no App-ID for this, you can request one here:
https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Request-a-new-App-ID/ta-p/60834
Or create a custom app.
Or you could find out the protocols and domains it uses and then create a rule to block these. You can run traffic through the firewall with a test rule and then see what traffic hits this rule and block those applications & URLS.
hope this helps,
Ben
01-22-2016 02:40 AM
Many thanks guys for your answers.
Best Regards,
Marcos.
02-05-2016 01:22 PM - edited 02-05-2016 01:22 PM
Currently we don't have an App-ID for this application. As part of our App-ID best practices we recommend blocking protocols like IPSec/IKE and similar to unknown destinations on the internet. Could you let us know how this traffic is cucrently identified? Are you trying to block or allow?
-Thanks
The Palo Alto Networks App-ID Team
03-10-2019 10:49 PM
Some users started to use SoftEther VPN client on our company which allows them to bypass URL Filtering policy. How can we allow them to use VPN client but still allow or block access to certain websites. We already implemented SSL decryption rule but it is not working when they are using SoftEther VPN.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!