Blocking VPN Clients From Within My Branch Office
I'm not sure if this is the right category for this question.
I am considering purchasing a Firebox T20 with a Basic Security licence, i am hoping to be able to use this appliance to sit between the LAN and the Internet for outgoing traffic for my office users but, my issue is i'm trying to stop staff using any VPN applications or clients to connect to while inside the LAN. Some staff are currently able to connect to various VPN clients Express VPN, Surfshark etc........i need to be able to configure the Watchguard to block all VPN connections outgoing from the internal LAN while the staff are connected to the corporate WIFI configured on the Watchguard.
Is this possible does anyone know?
Appreciate any help.
0
Sign In to comment.
Comments
Application Control, which is included in the Basic Security Suite, has a list of VPNs that it can block.
Many of these use Wireguard, including Surfshark.
You can see the categories which can be blocked, here:
https://securityportal.watchguard.com/Applications
You can learn about Application Control, here:
Application Control
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/app_control/app_control_intro_c.html
Also, the T20 goes End of Life on Jul 01, 2028.
Consider a newer model type, perhaps a T25 which is suggested as the replacement for the T20.
End of Life Policy
https://www.watchguard.com/wgrd-trust-center/end-of-life-policy