how to block clients that are using VPN or like browsec tunnel

  • some of my clients are using VPN or web proxies like browsec so they can bypass my squid rules (restricted sites).

    can someone help me on how to block this tunnels.

  • Netgate Administrator

    It depends how restrictive you want to get. It can be difficult to impossible to completely eliminate that though.

    You can block all traffic except ports 80, 443 and 53. The Squid rules will redirect 80 and 443 to itself and you can add a port forward to to redirect all DNS to Unbound. You will break many things though and get a lot of complaints!


Log in to reply