CFS not working with Firefox and Chrome HTTPS
Chechler_2 Newbie ✭
I have a TZ570 with a CFS license. I have imported our CA root to the firewall and enabled for the SSL-DPI. Enabled the forebined URIs for social media sites. Blocking is working on Edge, however most users are on Chrome and some on Firefox. Running latest firmware on the TZ.
Category: Mid Range Firewalls
BWC Cybersecurity Overlord ✭✭✭
@Chechler_2 did you blocked QUIC (udp/443)? Because this is used by some high-volume Sites and currently not handled by most of the Firewalls out there.
Just create an Access Rule with a Priority of 1 from LAN to WAN dropping all Packets for a new manually created Service QUIC (udp/443). This only applies if you're not dropping unknown/unhandled Ports already.
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
Thanks for the quick response. Your solution has solved the issue with Firefox and Chrome not supporting the blocked Social media sites
I sopke to soon.. I tested with Firefox and the site was blocked, however when I tried Chrome the social media site came up in the browser
@Chechler_2 did you tried on different Endpoints, cleared the Browser Cache or used the Incognito Mode in Google Chrome to avoid any caching issues?
If it's working in Firefox I cannot see a reason why not in Chrome.
@Chechler_2 hehe ... this is a tricky one, easy to be overlooked.