I was testing a SASE deployment and UDP 443 refused to connect. I had webfilter, app control, firewall, and threat detection enabled on the policy. I went through every report looking for a block indication, and traffic-wise everything seemed fine.
It wasn't until I went through each application setting that I found the (on by default!) QUIC block option. This is frustrating because I just have web filtering on to grab information about sites visited, and no categories blocked. The app was not enabled with the intention to block anything.
It wouldn't be so bad if the website reports reflected the block, but the 443 traffic was all unblocked. Also, the webfilter report does not let me add the protocol field so I could not drill down as far as I wanted to go.
Please, if you are going to have a default block somewhere, have it show up in the logs.