Summary
Anchor Free Hotspot Shield software is an OpenVPN-based internet privacy service. The principle is that users connect to the central VPN servers and route all their internet traffic via the remote servers.
Problem
Using Hotspot Shield bypasses the web filter proxy.
Solution
From your firewall, block the following TCP and UDP ports:
11948040-80458245
Note: UDP port 1194 is a regular OpenVPN port. You may need to leave this open if you have users using OpenVPN legitimately.
If Smoothwall is your firewall, see our help topics:
- For customers running Hearst or below, Managing Outbound Traffic and Services.
- For customers running Inverness or above, Adding new Firewall rules.
Make sure the following domains are blocked:
hotspotshield.comhotspotshield.netanchorfree.comanchorfree.netopenvpn.net
- Create a custom category containing the above domains. See our help topic, Creating custom categories.
- Create a block policy for the newly created custom category. See our help topic, Creating web filter policies.