NordVPN is a subscription VPN service that allows you to shield your browsing content from third parties. NordVPN is becoming increasingly popular with students and professionals that use public Wi-Fi regularly.
However, NordVPN prevents Smoothwall's Web Filter from screening content. This means that users can access websites that would otherwise be blocked.
To block NordVPN on the Smoothwall, you need to set up Firewall and HTTPS inspection rules.
NordVPN uses a number of ports. Therefore, you should aim to have a locked down Firewall.
The ports that NordVPN use are listed below:
To find out more about how to set up a firewall rule, visit our user assistance topic on Using the Smoothwall Firewall.
NordVPN keeps trying to connect because it uses UDP Port 53. It will continue to do this unless you put Port 53 into the Firewall rule. Therefore, to completely block NordVPN you need to only allow trusted DNS on Port 53.
To do this, create another Firewall rule above the Nord block rule. In this rule, put the IP address of the trusted DNS into the Destination IPs section, under Services, select DNS and for Action, select Allow.
Next, create the HTTPS inspection policy:
- From the Guardian menu, under the HTTPS inspection submenu, click Policy Wizard.
- Add in the following attributes:
- Who - Everyone*
- What - Everything
- Where - Everywhere*
- When - Always*
- Action - Decrypt and Inspect/Validate Certificate
*Change as appropriate