Blocking NordVPN

Issue

NordVPN is a personal VPN service known for its ability to bypass firewalls, granting users access to websites that might otherwise be restricted by firewall policies such as those implemented by the Cato Firewall.

Attempts to block NordVPN through conventional means, such as blocking the NordVPN application itself in firewall rules, often prove ineffective, as NordVPN traffic can still find its way through.

Solution

While NordVPN is notorious for its diverse array of modes, each equipped with unique evasive techniques, configuring specific firewall rules within the Cato Management Application (CMA) can target and neutralize NordVPN traffic.

To mitigate the impact of NordVPN on network security, consider enabling TLS inspection and blocking the NordVPN Application as well as the following specific services commonly utilized by NordVPN to evade detection and restrictions: 

  • OpenVPN Protocol
  • Evasive traffic over tcp/443
  • Evasive traffic over DNS
  • WireGuard Protocol

Was this article helpful?

0 out of 0 found this helpful

0 comments

Add your comment