Blocking Access to the Hamachi Peer to Peer VPN Network
03/26/2020
Description
Blocking Access to the Hamachi Peer to Peer VPN Network
Resolution
Users attempting to access the Hamachi peer-to-peer VPN service can be blocked by SonicWall firewall (UTM) appliances by creating firewall access rules prohibiting all traffic to the IP address ranges used by the operators of that service. Follow these steps to block Hamachi access.
SonicOS Standard:
- Select Firewall > Access Rules.
- Click the Add a new Network Access Rule button and enter the following:
  - Action: Deny
  - Service: Any
  - Source: LAN
  - Source Address Range Begin: *
  - Source Address Range End: (leave blank)
  - Destination: WAN
  - Destination Address Range Begin: 69.25.20.0
  - Destination Address Range End: 69.25.21.255
- Click OK to add the first rule.
- Click the Add a new Network Access Rule button and enter the following:
  - Action: Deny
  - Service: Any
  - Source: LAN
  - Source Address Range Begin: *
  - Source Address Range End: (leave blank)
  - Destination: WAN
  - Destination Address Range Begin: 72.5.76.0
  - Destination Address Range End: 72.5.77.255
- Click OK to add the second rule.
Users attempting to access the Hamachi network will now receive an error from the client indicating that they are unable to connect to the proxy.
SonicOS Enhanced:
- Select Network > Address Objects.
- Click the Add a new address object button and enter the following:
  - Name: HamachiRange1
  - Zone Assignment: WAN
  - Type: Range
  - Starting IP Address: 69.25.20.0
  - Ending IP Address: 69.25.21.255
- Click OK to create the new address range object.
- Click the Add a new address object button and enter the following:
  - Name: HamachiRange2
  - Zone Assignment: WAN
  - Type: Range
  - Starting IP Address: 72.5.76.0
  - Ending IP Address: 72.5.77.255
- Click OK to create the new address range object.
- Click the Add a new address object group button and specify the following:
  - Name: HamachiGroup
  - Select both HamachiRange1 and HamachiRange2 as members and click the right arrow button.
- Click OK to create the new address group object.
- Select Firewall > Access Rules.
- Select from LAN to WAN from the matrix.
- Click the Add a new entry button and specify the following:
  - Action: Deny
  - From Zone: LAN
  - To Zone: WAN
  - Service: Any
  - Source: Any
  - Destination: HamachiGroup
  - Users Allowed: All
  - Schedule: Always On
- Click OK to add the firewall access rule.
Users attempting to access the Hamachi network will now receive an error from the client indicating that they are unable to connect to the proxy.
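To confirm the deny rules are taking effect, the following added example (not part of the original SonicWall article) converts the two address ranges above to CIDR form and audits connection log lines for LAN hosts that were denied, or still allowed, when connecting to them. The key=value log format, the field names src, dst and action, and the sample lines are assumptions constructed for illustration; adapt the parser to your actual log export.

```python
import ipaddress
from collections import Counter

# Inclusive ranges copied from the article's two address objects.
HAMACHI_RANGES = [("69.25.20.0", "69.25.21.255"), ("72.5.76.0", "72.5.77.255")]

def hamachi_networks():
    """Collapse each start-end range into the minimal set of CIDR blocks."""
    nets = []
    for start, end in HAMACHI_RANGES:
        nets.extend(ipaddress.summarize_address_range(
            ipaddress.ip_address(start), ipaddress.ip_address(end)))
    return nets

def parse_line(line):
    """Parse 'key=value' tokens from one log line (format is an assumption)."""
    return dict(tok.split("=", 1) for tok in line.split() if "=" in tok)

def audit(lines):
    """Return (denied, leaked): per-source counts of connections to the
    blocked ranges that were denied, and ones that were still allowed."""
    nets = hamachi_networks()
    denied, leaked = Counter(), Counter()
    for line in lines:
        rec = parse_line(line)
        try:
            dst = ipaddress.ip_address(rec["dst"])
            src, action = rec["src"], rec["action"].lower()
        except (KeyError, ValueError):
            continue  # malformed or unrelated line
        if not any(dst in net for net in nets):
            continue  # destination is outside both blocked ranges
        (denied if action == "deny" else leaked)[src] += 1
    return denied, leaked

# Constructed sample lines, not real firewall output.
SAMPLE_LOG = """\
time=10:00:01 src=192.168.1.20 dst=69.25.21.200 action=deny
time=10:00:05 src=192.168.1.20 dst=72.5.76.17 action=deny
time=10:00:09 src=192.168.1.31 dst=69.25.22.1 action=allow
time=10:00:12 src=192.168.1.44 dst=72.5.77.255 action=allow
time=10:00:15 src=192.168.1.50 dst=not-an-ip action=deny
""".splitlines()

if __name__ == "__main__":
    print("CIDR equivalents:", [str(n) for n in hamachi_networks()])
    denied, leaked = audit(SAMPLE_LOG)
    print("Denied attempts by host:", dict(denied))
    print("Allowed despite the rule:", dict(leaked))
```

Any host reported under "Allowed despite the rule" reached a blocked range after the rule was added, which means the deny rule is not matching that traffic and the access rule configuration should be rechecked.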