Hi,
I am trying to block Browsec Chrome Extension which basically doing VPN session
Here how its work.
When client enable Browsec extention, it will tunnel https session to postls.com server for example in Singapore.
It will goes to this ip addresses
128.199.254.26 = sg1.posls.com
128.199.201.63 = sg2.postls.com
....
128.199.156.245 = sg15.postls.com
1 country has 15 non consequtive ip addresses
Browsec maybe use 5 countries servers
INFO:
# run show version
Hostname: SRX1
Model: firefly-perimeter
JUNOS Software Release [12.1X47-D20.7]
PROBLEM:
1. blocking Browsec Chrome Extenstion
QUESTIONS
1. How to block postls.com domain name
In Mikrotik I simply do this
/ip firewall address-list
add address=12.12.12.0/24 list=LAN
/ip firewall layer7-protocol
add name=browsec regexp="^.+(postls.com).*\$"
/ip firewall filter
add action=drop chain=forward layer7-protocol=browsec src-address-list=LAN
tq