Posted: Mon Jan 30, 2023 6:20 Post subject: Disable VPN Traffic over my network
How to prevent anyone to use any VPN software in their PC or device on top of my network using DD-WRT? How to identify the traffic whether it's a if using port 443 since I don't want to disallow port 443, but only the VPN.
Joined: 16 Nov 2015 Posts: 6440 Location: UK, London, just across the river..
Posted: Mon Jan 30, 2023 10:17 Post subject:
The only way known to me to prevent VPN traffic..is to block the range of IP's related to the VPN..so,
the clients will not be able to establish communication...and this is almost impossible with consumer grade routers...as you need to find all the servers and ect...speaking of kids its a Cats and Dogs game...
If you block one, they will go to another and so on....you wont believe..but..kids are crafty this days... you can only cut their internet time based and impose a serious restriction rules via iptables/ipset rules, but this need a high grade consumer class router..that supports IPset and iptables -m time module... (for example Netgear R7800 or R9000)...
For more on IPset https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327261 have a good read on the egc guide _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 16 Nov 2015 Posts: 6440 Location: UK, London, just across the river..
Posted: Mon Jan 30, 2023 19:46 Post subject:
I didn't mention ndpi as back in the days it was very CPU consuming....especially on heavy traffic it overwhelms the router...there was an update recently...may be its improved...try it...
it may work..in fact DDWRT needs some users to try this and that... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913