Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Is it possible to detect someone using a vpn ? were using 3200XM console.

This thread has been viewed 0 times

  • 1.  Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 30, 2015 12:27 PM

    Is it possible to detect someone using a vpn ? were using 3200XM console.



  • 2.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 30, 2015 12:39 PM

    HI,

    What exactly you want here ? which VPN you are talking about ?

     

    Please clarify



  • 3.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 30, 2015 12:44 PM

    we have a 1 to 1 iPad deployment wih our high school students some have downloaded a vpn I was able to block the app from being downloaded. However once the app is downloaded they can still use the vpn on campus. I wanted to know if it was possible to see who is using the vpn ?



  • 4.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.
    Best Answer

    Posted Jul 30, 2015 12:51 PM

    If you want to block the VPN access you can add a rule under the user-role to deny VPN access UDP 4500.

     

    You can also run the following command to see if the user is using VPN:

    show datapath session table <ip address of user> | include 4500



  • 5.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 30, 2015 12:55 PM

    Ok Great thanks for the help. Im kind of new to this controller where can I find the user role?



  • 6.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 30, 2015 01:04 PM

    HI,

     

    To know the User role use "show user-table" command. and add a policy to block UDP 4500 traffic.

     

    Please feel free for any further help on this.



  • 7.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 30, 2015 04:51 PM

    So it can only be done through the command line not GUI ?



  • 8.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 31, 2015 02:10 AM

    HI,

     

    No. you can also get User information through GUI as well,

    Open Web UI of your Controller and navigate to Monitoring-->Clients, you can see all the details of that client, Username, MAC and IP address, Role, Associated AP, Age etc...

     

    Please feel free if you need further clarity on this.

     



  • 9.  RE: Is it possible to detect someone using a vpn ? were using 3200XM console.

    Posted Jul 31, 2015 07:54 PM

    I should point out that that's only going to detect/block VPN on port 4500 - there are fairly simple ways for determined users to change ports or protocols for their VPN.

    Students are tenacious about looking for ways around you.

    I've seen VPN on port 53, 443, 500 and several others.