How do import the IP2Proxy VPN list and block it using the firewall?

I'm currently evaluating firewalls. My goal is to block all traffics from VPN providers. We have the VPN IP address list from the IP2Proxy in the following format with IP address ranges in decimal format.

"17496733","17496733","VPN","TH","Thailand"
"17496784","17496784","VPN","TH","Thailand"
"17543533","17543533","VPN","KR","Korea (Republic of)"
"17544563","17544563","VPN","KR","Korea (Republic of)"

How can we use WatchGuard to block the 11 millions VPN servers?

Comments

  • One can import IP addr lists into the Blocked Sites area, but not using this exact format, and certainly not many millions of entries.
    However, Application Control has a category of "Tunneling and Proxy Services" which should block the use of the application, instead of blocking access to a server IP addr.

  • Thank you. I will look into Blocked Sites and Application Control.

    How accurate is the Application Control in detecting VPN?

  • no idea.
    I assume that for the listed VPN types, that it is highly accurate.

  • James_CarsonJames_Carson Moderator, WatchGuard Representative

    Application control is fairly accurate at detecting common VPN types (Like OpenVPN, etc.) For applications that try to obfuscate themselves via encryption, having content inspection on for your https policy and using a TCP/UDP proxy instead of the outgoing policy will generally allow it to catch the rest.

    I'd suggest checking out these two articles for more information:
    (Application Control with the HTTPS Proxy and content inspection)
    https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA10H000000g3WRSAY&lang=en_US

    (Use proxies and Firebox security services to block UltraSurf)
    https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA10H000000g3TQSAY&lang=en_US

    -James Carson
    WatchGuard Customer Support

Sign In to comment.