This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
X-VPN not getting decrypted
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- X-VPN not getting decrypted
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
X-VPN not getting decrypted
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
08-14-2017 09:51 PM
Hello,
We would like to block the application X-VPN (used on apple iOS system as a VPN app). Using PAN-OS 8.0.1
The firewall sees the traffic as either SSL, web-browsing or google base traffic and doesn’t appear to be decrypting it.
The session ID says the URL is for bing.com in the session but the destination is 104.156.232.205.vultr.com which is where the VPN is hosting their services.
We have tried the following:
Change service (under Policies/Security) to application-default
Select block all sessions (under Objects>Decryption Profile>SSL Proxy)
Any thoughts on this?
Thanks in advance.
7 REPLIES 7
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
11-15-2017 04:44 PM
Hi,
Just wondering if this is still the way you are blocking X-VPN, and is it effective?
Cheers,
Chris
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-01-2021 06:13 AM
Setting up a signature is an option that might work for these types of programs, but it would be only a temporary solution.
Sadly, students seem to always figure out a way to continue to bypass our firewall. I would suggest your organization provided a ticket system to allow your students to request the usage of certain websites or applications. Generally, students will try to access a site(such as youtube.com, which is commonly used for entertainment, research and studies), and are often annoyed that it is blocked, leaving them to attempt other methods that could put their device and your network at risk. Figuring out what sites students would prefer unblocked and if the application is not considered harmful, this allows students to turn to these methods rather than trying to "bypass" the restrictions.
If you are concerned about students using certain sites for malicious purposes, you can include the rights and limitations of the specific type in your organization's Acceptable Use Policy.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-01-2021 08:16 AM
Is there anything malicious they are doing with this VPN?
Related Content
- PAN-OS 10.1.9 -- CAUTION in General Topics
- App-ID | SSL Decryption in Next-Generation Firewall Discussions
- Should Advanced Threat Prevention ( Inline ML ) and Wildfire Analysis be enabled if we dont have a decryption policy enabled ? in Next-Generation Firewall Discussions
- Change forward decrypt trust cert to a new one. in General Topics
- no decryption policy set, wan to wan traffic decrypt is yes in General Topics
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks