- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- CloudMates General
- :
- Re: traffic allowed for URL filtering category blo...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
traffic allowed for URL filtering category blocked websites
Hi Mates,
We have odd issue with URL filtering. We have blocked some categories but still we are able to access websites which belong to those categories. Interestingly log and capture shows connection is rejected but still users are able to access those websites.
For example, we have blocked category "Weapon", but we can access https://winchesterguns.com or https://browning.com
We have set mode "Hold" in URL filtering setting, but issue still persist.
Thanks in advance.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Please check if sk182318 applies?
2. Do you block QUIC traffic in the environment?
3. Is SSL inspection enabled here?
4. Which version & JHF?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Chris,
sk182318 did the trick. We were on R81.10 take 139 and upgraded to take 150 which include fix of TLS1.3 hybridized kyber support. First, we tested by disabling TLS1.3 hybridized kyber support on browser and it worked. Thanks for your help
@the_rock - Thanks for doing all efforts. We dont have ssl inspection enable but sk182318 resolved issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Please check if sk182318 applies?
2. Do you block QUIC traffic in the environment?
3. Is SSL inspection enabled here?
4. Which version & JHF?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Chris,
sk182318 did the trick. We were on R81.10 take 139 and upgraded to take 150 which include fix of TLS1.3 hybridized kyber support. First, we tested by disabling TLS1.3 hybridized kyber support on browser and it worked. Thanks for your help
@the_rock - Thanks for doing all efforts. We dont have ssl inspection enable but sk182318 resolved issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Excellent.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I see what Chris is saying. I am willing to bet if you dont ssl inspection enabled, this will never work. Let me test it in the lab and will resport back here.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As I suspected, works 100% as it should with ssl inspection enabled. See below in my lab.
Andy