Blocking HotSpot Shield VPN

Question

My teenage kids have figured out by installing HotSpot Shield VPN while on celluar data they can bypass Circle 1st gen on my Netgear RAX80 router.

How do I block Iphone users from using HotSpot Shield VPN on my wifi network?

Looking for a solution that blocks Hotspot Shield on the router.

Taking away their phones, installing restrictive VPN's, setting the block VPN in Circle, the belt, grouding,........... doesn't work. There's gotta be a way to block this outbound traffic on the router???

Mike

plemans · Answer

there's not.&nbsp;
when you use a vpn, it encrypts the traffic between the 2 points so the router can't do packet inspection.&nbsp;
And even if you blocked that specifi vpn at home, they can install it at school/friends so it works when they get home.&nbsp;
&nbsp;
If they're actively installing something to get around blocking, then its time to make them responsible for the choice. You can lock down their phones to the point of installing an app requires you to install it with a pin code. But they'll find a way around that by side loading.&nbsp;
At a certain point, it comes down to making them responsible for the choices they've made. Take the phone away or shut it off. Most cell phone plans off a deactive feature. Not saying its a great choice but they'll keep finding ways around the security when they get smart enough to circumvent you&nbsp;

plemans · Answer

You'll play the game of "what vpn are they using now". Here's the details on blocking hotspot shield but you'll have to search each vpn's specifics to block those.&nbsp;
&nbsp;
What a quick internet search returned about blocking Hotspot Shield and what you want to achieve is:
Block the following TCP and UDP ports outbound:

1194
8040-8045
8245

Make sure the following domains are blocked:

hotspotshield.com
hotspotshield.net
anchorfree.com
anchorfree.net
openvpn.net

rochem · Answer

Thank you for responding. In advance&nbsp;please be patient with me as I seek to block all users trying to circumvent established polices. Our small network only allows known&nbsp;and acceptable devices on the network, random inspections which fail create mistrust and are seen as an invasion&nbsp;of privacy. Unfortunately it's human nature to bypass or go around the established rules and policies. I like to subscribe to the saying keep honest people honest by removing the temptation.&nbsp;Other technical options than?&nbsp;**Keeping in mind that additional&nbsp;sites will need to be identified, added and blocked as they are identified.&nbsp;Can Hotspot Shields IP's (Service, Destination name, specfic port, .........)&nbsp; be identified&nbsp;and blocked on the router? Understanding that it would be a large server IP list and may take time to build.&nbsp;&nbsp;Can a VPN be installed on the router which would block&nbsp;Hotspot Shield&nbsp;&nbsp;Is there a hardware option? A firewall?&nbsp;Mike&nbsp;&nbsp;

rochem · Answer

Thank you, I will give this a try.

nielsvds · Answer

You may not forget that certain browser also have a build in VPN feature that you can not block. Beside that they can also use a proxy so a parental control software will not able to detect or block anything.

Forum Discussion

Blocking HotSpot Shield VPN

5 Replies