Results 1 to 5 of 5
  1. #1
    Newbie
    Join Date
    Nov 2009
    Posts
    3

    Default Creating Patterns for VPN Connections

    Hi everyone,

    Iím quite new to Untangle. My needs for Untangle are simple, I administer an IT School and wish to filter out all unwanted protocol from going out to the net. We already have Squid + Squidguard + Firewall which only allows ports 80 and 443 out to the net, but our students are very creative and are using VPN over HTTPS connection to get around all web and port filtering.

    So we have placed Untangle in bridge mode in between the NuxBox (Defeult Gateway) and the ISPís router. This works well to stop SSH tunnels bittorrent and other protocols with patterns, but Iím out of luck with PPTP, L2TP and SSTP.

    I went through the how to create your own pattern but canít seem to find any regex that match each and every time. My test plateform was all VMs with WindowsXP ----> Untangle ----> Windows
    2003 with wireshark on all ends.

    Can anyone help us ?

    Thanks

  2. #2
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,275

    Default

    Hi Carmstrong,
    Have you disabled the Bypasses for PPTP and IPsec?
    Config>Networking>Advanced>"Bypass"

    And Welcome to the forums.

  3. #3
    Newbie
    Join Date
    Nov 2009
    Posts
    3

    Default

    Hi WebFooL,

    It works great, so thats 2 less protocols off my list, any ideas for the following ones :

    - OpenVPN
    - SSTP
    - Tunnel over HTTPS/SSL

    Thanks

  4. #4

  5. #5
    Newbie
    Join Date
    Nov 2009
    Posts
    3

    Default

    Hi,

    Thanks again for your help, so if i get this right all i would need to do is add a regex to Protocol control with something like (SSTPVERSION.[0-9\.]+) and that would stop SSTP.

    And looking at this other thread i can stop OPENVPN as well ( hxxp://forums.untangle.com/openvpn/9195-block-openvpn-traffic-internal-interface.html#post58897 )

    So all this is looking quite good, i just need to find out a way of stoping IP over HTTPS

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2