0 votes
422 views 0 comments
by anonymous
I do not want to allow users to bypass the traffic rules by using a VPN application like Cloudflare WARP. Most users are using mobile phones and a VPN app like 1.1.1.1.

Is it possible to block that VPN connection?

Please help me.

Thanks in advance

1 Answer

0 votes
by anonymous

Hello,

It appears that Cloudflare WARP uses UDP ports 2408, 500, 1701 and 4500, so the solution would be to reject communication on these ports.

You would need to create a firewall rule, with the following settings:

  • Protocol: UDP;
  • Source zone: wan;
  • Destination zone: lan;
  • Destination port: 2408, 500, 1701, 4500;
  • Action: Reject;

However, be aware that:

  • Port 1701 is used by Layer Two Tunneling Protocol (L2TP);
  • Port 500 is used by Internet Security Association and Key Management Protocol (ISAKMP) for establishing phase 1 of an IPsec tunnel;
  • Port 4500 is used by IPSec NAT Traversal.

Due to that, you will not be able to use IPsec and L2TP VPNs.

Also, a rule allowing communication on UDP port 500 is configured by default (it is called Allow-ISAKMP), and you would need to disable it.

Best regards,
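As an added example (not part of the answer and not Teltonika code), a small shell audit that parses `uci show firewall` output from a RutOS/OpenWrt-style router and checks the two points made above: that an enabled UDP reject rule lists all four WARP ports, and that the default Allow-ISAKMP rule has been disabled. It assumes the blocking rule is applied to traffic leaving the LAN (src lan, dest wan), the direction in which the phones open their WARP tunnels; the section numbers and rule names in the sample export are constructed.

```shell
# Constructed audit helper (not RutOS/Teltonika code): parses `uci show firewall` output,
# checks for an enabled UDP reject rule lan->wan covering every WARP port, and for Allow-ISAKMP.
WARP_PORTS="2408 500 1701 4500"   # ports named in the answer
# Constructed stand-in for `uci show firewall` output (section numbers and names are made up)
sample_uci_export() {
cat <<'EOF'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-ISAKMP'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='udp'
firewall.@rule[1].dest_port='500'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[9]=rule
firewall.@rule[9].name='Block-WARP'
firewall.@rule[9].src='lan'
firewall.@rule[9].dest='wan'
firewall.@rule[9].proto='udp'
firewall.@rule[9].dest_port='2408 500 1701 4500'
firewall.@rule[9].target='REJECT'
EOF
}
# stdin: uci export; stdout: one tab-separated line per rule section:
# name, enabled (defaults to 1), src, dest, proto, dest_port, target
rules_table() {
  awk -F"'" '
    /^firewall\.[^.=]+=rule$/ { s=$1; sub(/^firewall\./,"",s); sub(/=rule$/,"",s); isrule[s]=1; next }
    /^firewall\.[^.=]+\.[a-z_]+=/ { split($1,k,"."); o=k[3]; sub(/=$/,"",o); v[k[2],o]=$2 }
    END { for (s in isrule) printf "%s\t%s\t%s\t%s\t%s\t%s\t%s\n", v[s,"name"],
            (v[s,"enabled"]==""?"1":v[s,"enabled"]), v[s,"src"], v[s,"dest"],
            v[s,"proto"], v[s,"dest_port"], v[s,"target"] }'
}
# exit 0 if an enabled REJECT/DROP rule for udp from lan to wan lists every WARP port
# (exact port list only; port ranges are not expanded)
warp_rule_present() {
  rules_table | awk -F'\t' -v ports="$WARP_PORTS" '
    BEGIN { n=split(ports,want," ") }
    $2!="0" && $3=="lan" && $4=="wan" && $5 ~ /udp/ && ($7=="REJECT"||$7=="DROP") {
      for (p in have) delete have[p]; m=split($6,h," "); for (i=1;i<=m;i++) have[h[i]]=1
      ok=1; for (i=1;i<=n;i++) if (!(want[i] in have)) ok=0
      if (ok) found=1 }
    END { exit found ? 0 : 1 }'
}
# exit 0 if Allow-ISAKMP is still enabled, i.e. UDP 500 is still accepted despite the reject rule
isakmp_rule_enabled() {
  rules_table | awk -F'\t' '$1=="Allow-ISAKMP" && $2!="0" { f=1 } END { exit f ? 0 : 1 }'
}
sample_uci_export | warp_rule_present && echo "Block-WARP rule present"
sample_uci_export | isakmp_rule_enabled && echo "Allow-ISAKMP still enabled: disable it as well"
```

On a real router, replace `sample_uci_export` with `uci show firewall` as the input to the two checks.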