
Tor Browser how to block

If I have already installed Tor Browser on my PC with all administrative permissions (or anyone else on the company LAN has), how can I block it in the XG Firewall so that no one can use it?

I already tried using block proxy in App Control (deny all), but maybe I missed something. (The basic App group includes all the proxy sites, including Tor Proxy and Tor2 web proxy.)



  • FormerMember

    Hi,

    Thank you for reaching out to the Community!

    Check out the steps outlined in the following document to block Tor Proxy (Tor Browser).

    Thanks,

  • Dear  H_Patel.

    I tried to follow the settings as you recommended ...

    I changed the recommended parameters indicated (as in the pictures below from my XG Firewall)

    show advanced-firewall
    show ips-settings

    Please notice there are some differences in other parameters, but not in the ones recommended to change ....

    I also created one firewall rule for one particular VLAN (a test one), including an App Control policy to block what was recommended.

    The App Control policy includes P2P and the Proxy and Tunnel category

    • DNS Multiple QNAME
    • OpenVPN
    • QUIC
    • Non-SSL/TLS traffic on port 443

    including two other categories for P2P and Proxy and Tunnels ..... (not shown in the image above but included)

    This App Control policy was included in the same firewall rule for the VLAN in test... No other rule included..... No web policy and no IPS policy included (just what was shown in the IPS command settings)

    Tor is still running ...

    Did I miss something?

    If some other parameters must be changed or included, please indicate the commands to do it ....

    Thanks in advance

  • FormerMember in reply to Atilio Servian

    Hi

    What is the firmware version on your firewall? If it’s 17.5, you need to turn on HTTPS scanning, and for V18, SSL/TLS inspection turned on; check out the provided document for more info. Also, run a packet capture on the source IP address to ensure that traffic is hitting the correct firewall rule. 

    Thanks, 

  • Hi,

    From experience, you will need full decrypt and scan along with CA installation, and to use the web proxy, because SSL/TLS in this version does not scan UDP traffic, which TOR will use if it finds TCP blocked.

    You will also need to change from any service to http/s, otherwise checking will fail.

    I have inspect all content enabled rather than just untrusted content.

    Ian

    Also what are your DOS settings/parameters as shown in the IPS tab?

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.



    added question about DOS settings/parameters
    [edited by: rfcat_vk at 10:06 PM (GMT -8) on 26 Feb 2021]
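
The check suggested in the thread (confirming that the test host's traffic actually hits the firewall rule that carries the App Control policy) can be run over exported log lines. This is an added example, not part of the thread and not Sophos code; the log lines are constructed, and the key=value field names, host address and rule IDs are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines; the key=value field names are assumptions,
# not a documented XG log format. Adapt the keys to your own export.
SAMPLE_LOG = '''\
src_ip=10.10.50.23 dst_ip=203.0.113.10 protocol=TCP dst_port=443 fw_rule_id=7 status=Deny
src_ip=10.10.50.23 dst_ip=203.0.113.44 protocol=TCP dst_port=9001 fw_rule_id=2 status=Allow
src_ip=10.10.50.23 dst_ip=198.51.100.5 protocol=TCP dst_port=443 fw_rule_id=2 status=Allow
src_ip=10.10.50.23 dst_ip=198.51.100.5 protocol=TCP dst_port=443 fw_rule_id=2 status=Allow
src_ip=10.10.50.99 dst_ip=198.51.100.9 protocol=UDP dst_port=53 fw_rule_id=2 status=Allow
src_ip=10.10.50.23 dst_ip=192.0.2.1 protocol="UDP" dst_port=53 fw_rule_id=7 status=Allow
malformed line without fields
'''

PAIR = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Turn one key=value log line into a dict (surrounding quotes stripped)."""
    return {k: v.strip('"') for k, v in PAIR.findall(line)}

def flows_missing_rule(lines, host, expected_rule):
    """Count allowed flows from `host` that matched a rule other than
    `expected_rule`, keyed by (rule id, protocol, destination port)."""
    missed = Counter()
    for line in lines:
        rec = parse_line(line)
        # Skip other hosts and lines that carry no rule id (e.g. malformed).
        if rec.get("src_ip") != host or "fw_rule_id" not in rec:
            continue
        if rec["fw_rule_id"] != expected_rule and rec.get("status") == "Allow":
            key = (rec["fw_rule_id"], rec.get("protocol"), rec.get("dst_port"))
            missed[key] += 1
    return missed

if __name__ == "__main__":
    # Hypothetical test host 10.10.50.23; rule 7 stands for the test-VLAN rule.
    result = flows_missing_rule(SAMPLE_LOG.splitlines(), "10.10.50.23", "7")
    for (rule, proto, port), n in result.most_common():
        print(f"rule {rule}: {n} allowed {proto}/{port} flow(s) did not hit rule 7")
```

Any flow reported here was allowed by a different rule, so the App Control policy attached to the test rule never evaluated it.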