https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221953#M42544 <P>HTTPS Inspection only supports up to TLS 1.2 unless you're on R81+ and USFW is enabled:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk167052" target="_blank">https://support.checkpoint.com/results/sk/sk167052</A>&nbsp;<BR />If the remote site requires TLS 1.3 (or above), then I could see this error popping up.</P> <P>In any case, please provide a full log card (redacting sensitive details.</P> Thu, 25 Jul 2024 19:00:13 GMT PhoneBoy 2024-07-25T19:00:13Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221811#M42495 <P>‘TLS alert: protocol_version’ after QUIC blocking and connecting via https<BR />Good afternoon</P><P>Can you please tell me if HTTPS inspection will work correctly when the connection is already via TCP 443?</P><P>We have QUIC blocked. User has Bypass configured in https inspection. In logs we see reject QUIC and then Bypass log with Alert. And we see the error: ‘The probe detected that this destination cannot be inspected and its identity cannot be verified due to a TLS alert (TLS alert: protocol_version)’.<BR />What can this be related to?</P> Wed, 24 Jul 2024 13:54:22 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221811#M42495 Oliver_222 2024-07-24T13:54:22Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221921#M42539 <P>We have the same log entries.</P> <P>Which firewall version?</P> Thu, 25 Jul 2024 15:02:28 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221921#M42539 Jan_Kleinhans 2024-07-25T15:02:28Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221953#M42544 <P>HTTPS Inspection only supports up to TLS 1.2 unless you're on R81+ and USFW is enabled:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk167052" target="_blank">https://support.checkpoint.com/results/sk/sk167052</A>&nbsp;<BR />If the remote site requires TLS 1.3 (or above), then I could see this error popping up.</P> <P>In any case, please provide a full log card (redacting sensitive details.</P> Thu, 25 Jul 2024 19:00:13 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/TLS-alert-protocol-version-after-QUIC-blocking-and-connecting/m-p/221953#M42544 PhoneBoy 2024-07-25T19:00:13Z