NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

rochem's avatar
rochem
Aspirant
Jan 20, 2022

Blocking HotSpot Shield VPN

My teenage kids have figured out by installing HotSpot Shield VPN while on celluar data they can bypass Circle 1st gen on my Netgear RAX80 router.

 

How do I block Iphone users from using HotSpot Shield VPN  on my wifi network?

Looking for a solution that blocks Hotspot Shield on the router.

 

Taking away their phones, installing restrictive VPN's, setting the block VPN in Circle, the belt, grouding,........... doesn't work. There's gotta be a way to block this outbound traffic on the router???

 

 

 

Mike

5 Replies

  • plemans's avatar
    plemans
    Guru - Experienced User

    there's not. 

    when you use a vpn, it encrypts the traffic between the 2 points so the router can't do packet inspection. 

    And even if you blocked that specifi vpn at home, they can install it at school/friends so it works when they get home. 

     

    If they're actively installing something to get around blocking, then its time to make them responsible for the choice. You can lock down their phones to the point of installing an app requires you to install it with a pin code. But they'll find a way around that by side loading. 

    At a certain point, it comes down to making them responsible for the choices they've made. Take the phone away or shut it off. Most cell phone plans off a deactive feature. Not saying its a great choice but they'll keep finding ways around the security when they get smart enough to circumvent you 

    • rochem's avatar
      rochem
      Aspirant

      Thank you for responding. In advance please be patient with me as I seek to block all users trying to circumvent established polices. Our small network only allows known and acceptable devices on the network, random inspections which fail create mistrust and are seen as an invasion of privacy. Unfortunately it's human nature to bypass or go around the established rules and policies. I like to subscribe to the saying keep honest people honest by removing the temptation.

       

      Other technical options than?

       

      **Keeping in mind that additional sites will need to be identified, added and blocked as they are identified.

       

      Can Hotspot Shields IP's (Service, Destination name, specfic port, .........)  be identified and blocked on the router? Understanding that it would be a large server IP list and may take time to build. 

       

      Can a VPN be installed on the router which would block Hotspot Shield 

       

      Is there a hardware option? A firewall?

       

      Mike

       

       

      • plemans's avatar
        plemans
        Guru - Experienced User

        You'll play the game of "what vpn are they using now". Here's the details on blocking hotspot shield but you'll have to search each vpn's specifics to block those. 

         

        What a quick internet search returned about blocking Hotspot Shield and what you want to achieve is:

        Block the following TCP and UDP ports outbound:

        • 1194
        • 8040-8045
        • 8245

        Make sure the following domains are blocked:

        • hotspotshield.com
        • hotspotshield.net
        • anchorfree.com
        • anchorfree.net
        • openvpn.net