Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

How to block Psiphon

This thread has been viewed 0 times

  • 1.  How to block Psiphon

    Posted Aug 01, 2017 09:44 AM

    Dear Airhead,

     

    I'm training to block a VPN Proxy App called Psiphon.

    the App is in the APP list of the PEFNG.

    i'm using the Aruba OS version 6.4.4.10 in controllers 7210.

    and i have alredy activated deep inspection.

     

    the issue is that , the controller is not blocking this traffic

     

    Regards



  • 2.  RE: How to block Psiphon

    Posted Sep 28, 2017 08:24 PM

    any   idea guys ??



  • 3.  RE: How to block Psiphon

    Posted Nov 05, 2017 02:16 PM
    If you want to block this application, you will must to block all VPN which are not yours. You may read about Psiphon 3 here or just follow the steps below to unblock the app:--
    1. Enable DPI-SSL Client Inspection by going to DPI-SSL | Client SSL and selecting Enable SSL Client Inspection. Ensure that IPS, GAV, Spyware, and Application Firewall are selected.
    2. Enable all Psiphon application signatures by going to Firewall | App Control Advanced. Select the category PROXY-ACCESS and application Psiphon. Configure the application to be blocked and logged.
    3. Also block Encrypted Key Exchange TCP Random Traffic (SID 5).
    4. Enable blocking of SSH app signature (SID 10097) "SSH -- Client Request Outbound", (or make access rule to block outbound TCP/22 SSH Service from LAN->WAN).