psiphon | Fortinet Technical Discussion Forums

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes
- Member List
- Online User List
- User Groups

Videos, Docs Library, KB

Mark Thread UnreadFlat Reading Mode ❐

Hot!psiphon

Author Post Essentials Only Full Version
Fullmoon Platinum Member Total Posts : 870 Scores: 13 Reward points: 0 Joined: 2010/08/02 18:02:10 Status: offline 2017/02/16 06:38:29 (permalink) 5.4 0 psiphon now the headache backs again, anyone does the trick on how block psiphon? Im using FGT 1000C and FGT 92D running in FOS 5.4.3 and 5.2.10 seems psiphon able to bypass. applied ssl deep inspection (select all ports), blocked botnet p2p and proxy under app control, blocked web proxy under web filter profile, even limits the service to http/s and dns still no glory. anyone willing to share their tricks on how to block psiphon? thanks IPS Definitions Version 10.00070 IPS Engine Version 3.00299 Fortigate Newbie #1 15 Replies Related Threads
hmtay_FTNT Expert Member Total Posts : 228 Scores: 49 Reward points: 0 Joined: 2017/02/22 11:02:10 Status: offline Re: psiphon 2017/02/22 13:10:57 (permalink) 0 Hello, Can you update your IPS Definition to 10.00071 or above. An update on the Psiphon signature was released in 10.00071 to cover the recent update. On the same topic, with IPS Engine 3.00299 and FortiOS 5.4 and above, our Psiphon signature does not require SSL deep-inspection anymore. We have added a new feature into the engine that allows us to block it without deep inspecting the packet. #2
nawaysa New Member Total Posts : 3 Scores: 0 Reward points: 0 Joined: 2017/03/20 02:16:14 Status: offline Re: psiphon 2017/03/20 05:30:49 (permalink) 0 I have update IPS and FOS but still Psiphone can bybass the fortigate?? any help please #3
hmtay_FTNT Expert Member Total Posts : 228 Scores: 49 Reward points: 0 Joined: 2017/02/22 11:02:10 Status: offline Re: psiphon 2017/03/20 08:54:32 (permalink) 0 Did you enable certificate-inspection or deep-inspection? Can you show me the output to the CLI command "diagnose autoupdate versions? Can you send me your configuration file in a PM? Thanks. HoMing #4
Fullmoon Platinum Member Total Posts : 870 Scores: 13 Reward points: 0 Joined: 2010/08/02 18:02:10 Status: offline Re: psiphon 2017/03/21 00:05:19 (permalink) 0 dear hmtay_FTNT, TAC sent me IPS signature FOS 5.2.10 (flen-520-3.0406.pkg) few days back, i thought I was able to blocked psiphon completely but after a few minutes of waiting, psiphon successfully connected. whew!i started to scratched my head again ;-) Fortigate Newbie #5
nawaysa New Member Total Posts : 3 Scores: 0 Reward points: 0 Joined: 2017/03/20 02:16:14 Status: offline Re: psiphon 2017/03/21 04:13:39 (permalink) 0 Last Update Attempt: Tue Mar 21 12:24:18 2017 Result: No Updates Botnet Domain Database --------- Version: 1.00638 Contract Expiry Date: n/a Last Updated using manual update on Tue Jan 10 11:02:00 2017 Last Update Attempt: n/a Result: Updates Installed Modem List --------- Version: 0.000 Device and OS Identification --------- Version: 1.00055 Contract Expiry Date: Thu Nov 29 2018 Last Updated using manual update on Fri Mar 3 23:15:00 2017 Last Update Attempt: Tue Mar 21 12:24:18 2017 Result: No Updates IP Geography DB --------- Version: 1.062 Contract Expiry Date: n/a Last Update Date: Fri Mar 10 18:09:33 2017 Certificate Bundle --------- Version: 1.00005 Last Update Date: Thu May 5 10:58:00 2016 FDS Address --------- 96.45.33.81-443 URL White list --------- Version: 1.00618 Contract Expiry Date: Thu Nov 29 2018 Last Updated using scheduled update on Mon Mar 20 18:24:23 2017 Last Update Attempt: Tue Mar 21 12:24:18 2017 Result: No Updates Primary_FortiGate # I enable ssl deep inspection , but still user can bybass fortigate #6
hmtay_FTNT Expert Member Total Posts : 228 Scores: 49 Reward points: 0 Joined: 2017/02/22 11:02:10 Status: offline Re: psiphon 2017/03/21 08:15:30 (permalink) 0 nawaysa, Your "diagnose autoupdate versions" is incomplete. I dont see any info about your IPS Engine and IPS Definition versions. Can you PM your configuration file to me and let me know which policy ID are you using? #7
nawaysa New Member Total Posts : 3 Scores: 0 Reward points: 0 Joined: 2017/03/20 02:16:14 Status: offline Re: psiphon 2017/04/03 04:38:02 (permalink) 0 Is there any new solution to block Psiphon????? #8
juanchonica New Member Total Posts : 6 Scores: 0 Reward points: 0 Joined: 2015/04/02 15:31:08 Status: offline Re: psiphon 2017/08/07 10:47:52 (permalink) 0 the only way is apply ssl deep inspection and install certificate in ALL computers in your network #9
Itsmejerry04 New Member Total Posts : 2 Scores: 0 Reward points: 0 Joined: 2018/12/05 19:39:05 Status: offline Re: psiphon 2018/12/05 19:57:55 (permalink) 0 The speed of the service is certainly acceptable, If you want to block this Psiphon VPN, you will must to block all VPN which are not yours. post edited by Itsmejerry04 - 2019/01/08 04:17:34 #10
juancava New Member Total Posts : 1 Scores: 1 Reward points: 0 Joined: 2018/12/17 04:11:22 Status: offline Re: psiphon 2018/12/17 04:15:19 (permalink) 4 (1) Any update on this? I have a FortiGate 500D with deep inspection. All clients have to use a certificate, but I can't block psiphon, even if it is blocked in application control. I'm managing a high school, and this is starting to become a very big problem. #11
Ashu Gold Member Total Posts : 150 Scores: 13 Reward points: 0 Joined: 2015/04/17 04:33:45 Location: Doha,Qatar Status: offline Re: psiphon 2019/06/18 13:32:03 (permalink) 4 (1) Hi Any suggestions to block psiphon we can't use deep packet inspection due to current firewall architecture . Ashu #12
binnyrog New Member Total Posts : 4 Scores: 0 Reward points: 0 Joined: 2019/06/20 00:43:09 Status: offline Re: psiphon 2019/06/25 23:22:49 (permalink) 0 Why is Fortigate is not able to block Psiphon even with the application controls and deep packet inspection? It's giving me a headache going through the settings and blocking Psiphon. Did anyone get success in blocking the same? #13
Ashu Gold Member Total Posts : 150 Scores: 13 Reward points: 0 Joined: 2015/04/17 04:33:45 Location: Doha,Qatar Status: offline Re: psiphon 2019/06/26 02:45:15 (permalink) 0 The only other method I can think of is to block based on IP addresses. You may consider the ISDB (internet service database) and block based proxy IP category. Hoping that the addresses they use are part of this group. Ashu #14
Shehroz New Member Total Posts : 1 Scores: 0 Reward points: 0 Joined: 2019/07/01 23:38:51 Status: offline Re: psiphon 2019/07/01 23:43:46 (permalink) 0 I have same issue since i install fortigate i'm unable to block psiphon vpn app but in the logs section of app control and web filter it is continue blocking but in the actual users are able to connect through psiphon on pc as well as on mobile using corporate wifi network. I was using fortiOS 5.6.8 and yesterday have upgraded to 5.6.9 but issue is the same it is showing block in app and web but not blocking in actual.. Any expert can give lead pl #15
cwb2205 New Member Total Posts : 19 Scores: 0 Reward points: 0 Joined: 2019/07/01 17:15:39 Status: offline Re: psiphon 2019/07/25 20:39:44 (permalink) 0 I have a Fortgate 500E I just set up at at client running FortiOS 5.0.6. We have application control blocking all Proxy signatures which I have applied to their internet policies. I am seeing daily hits on the firewall blocking Psiphon. I just checked the signatures for application control and Psiphon is there. currently running app control version 14.00659 #16

Jump to:

© 2020 APG vNext Commercial Version 5.5