Solved

Cisco RV042G  Gigabit Dual WAN VPN Router - Block LogMeIn

Posted on 2012-12-27
7
957 Views
Last Modified: 2012-12-30
I am currently running a Cisco RV042G Gigabit Dual WAN VPN Router.  It is configured for client vpn access.  There are no NAT's or other ports open to allow outside traffic in.

Even though my employees are not supposed to run LogMeIn they are anyway.  Is there a way to block it using the Cisco RV042G router?
0
Comment
Question by:deklinm
  • 3
  • 3
7 Comments
 
LVL 18

Expert Comment

by:Akinsd
ID: 38725411
You may not be able to block the port logMeIb uses as it may affect other RDP based applications.

However, you can block the application with Group Policy Settings if all the workstations are in a domain environment. You would generate the hash for the application and block it using the hash
0
 

Author Comment

by:deklinm
ID: 38725656
Group policy is not an option.  There are no domain controllers and the majority of the users are on mac
0
 
LVL 26

Accepted Solution

by:
akahan earned 500 total points
ID: 38725675
You could try  Firewall/Block Forbidden domains/
and block logmein.com .

When your employees use logmein to connect to their machines at home, they are not connecting directly; they are relaying through logmein's servers.  Blocking the domain might prevent this.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:deklinm
ID: 38730471
I tried the forbidden domain setting.  It appears to block the logmein website requests for people inside the corporate network attempting to make an outbound connection.

What i want to block is someone from outside of our network trying to use logmein to gain access.  Is there a way to block inbound connections?
0
 
LVL 26

Expert Comment

by:akahan
ID: 38730488
In order for someone to make an inbound connection to logmein, the logmein app running inside your network must first make an outbound connection.  Did you actually try it, to see if it effectively blocks  use of logmein to connect to systems inside your network?
0
 

Author Comment

by:deklinm
ID: 38730492
I just installed logmein and it worked.  Thanks

One more question.  Some of my users have been using logmein hamachi.  Will hamachi also be blocked when i block *.logmein.com or do i need to block an additional domain?
0
 
LVL 26

Expert Comment

by:akahan
ID: 38730531
That won't block Hamachi, unfortunately; it's pretty robust.  I've seen a lot of suggestions on various sites for how to block Hamachi using a router, but as far as I know none of them work (though they may have at one time.)
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now