Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Zenarmor and VPN detection
« previous
next »
Print
Pages: [
1
]
Author
Topic: Zenarmor and VPN detection (Read 999 times)
deuch
Newbie
Posts: 32
Karma: 1
Zenarmor and VPN detection
«
on:
August 11, 2023, 12:38:23 pm »
Hello,
I'm trying using zenarmor to detect VPN connection from a kids network but it seems that zenarmor has a difficult time to achieve it.
I've blocked all the Proxy gategory (Security and App Controls) but with my results :
Hide.me application bypass zenarmor (hide.me is in the list of the proxy)
1.1.1.1 application with WARP from cloudflare bypass zenarmor
I've a wireguard server and tested it :
192.168.2.14 - 50307 1X.X.2XX.X 60beb40d093e 109.0.230.182 - 55820 Generic TCPIP Generic TCPIP Generic TCPIP
It is seen as Generic TCPIP traffic and not wireguard or VPN traffic and it bypass zenarmor too.
Does someone achieve to block VPN with zenarmor ?
«
Last Edit: August 11, 2023, 04:54:23 pm by deuch
»
Logged
deuch
Newbie
Posts: 32
Karma: 1
Re: Zenarmor and VPN detection
«
Reply #1 on:
August 11, 2023, 04:52:58 pm »
I've made a simple test :
Deploy a Wireguard VPN server on a cloud VM.
If i use the 51820 default Wireguard server port, zenarmor block the connection from my device
If i use the 52820 port for Wireguard, zenarmor consider it a Generic TCP and not Wireguard VPN
So what is the point to do DPI if a simple port change can fool zenarmor ?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Zenarmor and VPN detection