First Post here so forgive any misteps.
We have a challenge that is going around in circles the last week.
In Australia we the Telco's are now doing VoWIFI which is basically an IKE Tunnel to their servers to allow VoWIFI.
We are more than happy to allow this traffic on our Guest Wireless networks.
Unfortunately, Anon/PrivateVPN services also use UDP/500 to do their business which we block by policy.
I can create a specific rule and match those destinations which will work for a while, however the providers will change their server addresses so I will play 'Chase The Server' in the next 12 months.
My question, is it worth trying to get this recognized as a new Application? Do the packet capture and see if there is any SIP identifiers inside etc?
What is the best way to go about this - hoping it might result in a benefit to others not just us?