This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to block Hoxx VPN

Hi guys,

I am unable to block the Hoxx VPN extension on firefox. I followed the Application filter recommended settings for better application detection (https://soph.so/WtpQzU). The application uses port 80/443 for VPN servers. Sophos XGS is unable to block the VPN.

Web Filter:

This thread was automatically locked due to age.

Top Replies

Erick Jan over 1 year ago in reply to Vineeth Penugonda +1

Hi Vineeth, Can you check the IPS signature version? "The resolution has been included in app signature version x.15.63" Also, can you do a test FW rule on top, allowing HTTP,HTTPS,SMTP,ICMP then…

Parents

0 Erick Jan over 1 year ago

Hi Vineeth,

Can you check the application rule, based on the Screenshot, the policy is allowed.

Erick Jan
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up 0 Vote Down

Cancel
0 Vineeth Penugonda over 1 year ago in reply to Erick Jan

Hi Eric,

It is already blocked in the applications filter. The VPN is using URLs (General Business category) for evading detection.
Cancel
Vote Up 0 Vote Down

Cancel
0 Erick Jan over 1 year ago in reply to Vineeth Penugonda

Hi Vineeth,

Can you check the IPS signature version?

"The resolution has been included in app signature version x.15.63"

Also, can you do a test FW rule on top, allowing HTTP,HTTPS,SMTP,ICMP then turn on the " Scan HTTP" and put the application Filter.

then try to connect the VPN again.

Erick Jan
Community Support Engineer | Sophos Technical Support
Sophos Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.
Cancel
Vote Up +1 Vote Down

Cancel
0 rfcat_vk over 1 year ago in reply to Vineeth Penugonda

Hi,

which firewall rule is it using?

Do you have https scanning enabled with decryption and CA installed on the end device? Do you limit the ports on the firewall rule?

Ian

XG115W - v20 GA - Home

XG on VM 8 - v20 GA

If a post solves your question please use the 'Verify Answer' button.
Cancel
Vote Up 0 Vote Down

Cancel
0 Vineeth Penugonda over 1 year ago in reply to Erick Jan

Hi Erick,

The application signature version is 18.19.54.

I added a test FW rule on top. Hoxx VPN is still working.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Vineeth Penugonda over 1 year ago in reply to Erick Jan

Hi Erick,

The application signature version is 18.19.54.

I added a test FW rule on top. Hoxx VPN is still working.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data