This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to totally blocked psiphon/ultrasurf

Hi Guys,

Does anyone know how to totally blocked Psiphon? I already raised this issue to Sophos XG support, He sets ips maxpkts, QUIC, port blocking, etc. but still it bypasses the blocking. I have this issue for almost a year but until now it seems there is no solution even upgrading to the latest firmware. On the other UTM/NGFW brand/devices they can blocked Psiphon. I hope this issue soon be resolved.



This thread was automatically locked due to age.
Parents Reply Children
  • Okay,

    you need to

    set scanning to https and http and block QUIC

    install XG CA on device

    only allow http and https in the firewall rule

    add the web policy that blocks tunnels

    add the application policy that blocks tunnels including IP and NONE.



    V18.0.x - e3-1225v5 6gb ram on 4 port MB with 2 x APX120 - 20w. 
    If a post solves your question use the 'This helped me' link.