Psiphon is a VPN that can be used to bypass the Smoothwall Filter and allow users to have unfiltered access. To prevent this you need to configure the Smoothwall Filter to block Psiphon.
Procedure
- Create either a decrypt and inspect or validate certificate only HTTPS inspection policy with these settings, see our help topic, Creating HTTPS inspection policies:
- Who: "Everyone, or the relevant user or groups to apply this policy to."
- What: "Everything, or the relevant categories."
- Where: "Everywhere, or the relevant location to apply this policy to."
- When: "Always, or the relevant time slot to apply this policy to."
- Action: "Decrypt and inspect" OR "Validate certificate only"
- Create a block web filter policy with these settings, see our help topic, Creating web filter policies:
- Who: "Everyone, or the relevant user or groups to apply this policy to."
- What: "All URLs containing an IP"
- Where: "Everywhere, or the relevant location to apply this policy to."
- When: "Always, or the relevant time slot to apply this policy to."
- Action: "Block"
- Check that your Smoothwall Firewall is locked down as tight as possible, see our help topic, Adding new Smoothwall Firewall rules.
- Psiphon makes use of many different ports including port 22 and 53.