It might be PPTP.. I think port 1723 is associated with that type of
If you are running 1.2b10 or 1.2, look under Diagnostics for the
Firewall States while this person(s) is connected. This will let you see
exactly who is using what traffic, including source and destination IP,
ports (for TCP/UDP), protocol type, etc.
Armed with this information, it should be fairly easy to put a rule
in place to block that traffic... (With a rule on the interface that the
user is coming in on.)
From: Jim Naslund [mailto:jnaslund at gmail dot com]
Sent: Tuesday, October 11, 2005 9:16 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Blocking Outgoing VPN Access
I'm trying to block VPN access from my network because people are
connecting to a nearby campus with VPN and downloading
through direct connect that way. I made a firewall rule that rejected UDP
packets destined for port 500 but this did not prevent access.
The VPN connection I'm trying to block uses IPSec. Any suggestions?