Skip to main content

How can we help you?

Search

help Knowledge Base
forum Community
checklist Release Notes
event Events

How to block mobile VPN apps

Tamanna Kibrea

Hi,

Just looking for a way to block mobile VPN applications as end users can still download them and bypass DNSFilter policies. Currently, my policy blocks proxy & filter avoidance which blocks VPN domains on laptops but doesn’t extend to mobile VPN applications. I don’t think I have Deep Packet Inspection supported by my router either. Would appreciate any help.


Thanks,

Tamanna

Comments

3 comments

Date Votes
  • Chris Todd Community Manager DNSFilter Staff
    Community Regular

    Sorry for the delayed response Tamanna Kibrea.

    There's a bunch of info in this article: “Preventing content filtering circumvention.”

    What came to mind when I read this is: 

    1. Do the mobile devices have roaming clients installed, as well?
    2. Assuming so, are the mobile VPNs different? If so, have they been setup for blocking as well?

    I asked around, and also received this response.

    If the mobile devices are company-provided, ideally, they should be locked down, unapproved applications should not be installed, and further restrictions should be placed to prevent tampering with network settings. This can be achieved with MDM.


    If the mobile devices are BYOD, this is harder to enforce.

    Let me know if this helps. If not, additional details regarding your particular deployment would be helpful.

    0
  • Tamanna Kibrea
    • Edited

    Hi Chris,

    Answers to your questions:

    1. No they do not - this is for a home network

    2. N/A

    Ideally, I would like all VPN apps to be disabled/blocked in all devices in my home network so even if a VPN application is downloaded, it wouldn't work. Currently, the AppAware feaure only blocks a handful of VPN applications' functionalities, e.g. NordVPN and HolaVPN, however, there are plenty of  others in the App Store that are free to be downloaded and once downloaded, they bypass all DNSFilter policies. I hope that is a little bit more information. 

    Thanks,

    Tamanna

     

    0
  • Chris Todd Community Manager DNSFilter Staff
    Community Regular

    Hi Tamanna Kibrea -

    That's a tough one!
    Unfortunately every VPN app is going to have its own ip addresses, making it  nearly impossible to identify and block access to every single VPN on the market. Of course even if we were able to do that, by using cell data, a mobile device could bypass the block on your local network.

    I'm sorry I can't offer a better solution. 

    Some of our users have made similar requests (here and here, too) to our product team. You can upvote those or make your own request on our Feedback page: https://dnsfilter.canny.io/feature-requests.

    0

Please sign in to leave a comment.

New post

Featured posts