SSL/TLS filtering must have extension server_name

PeterUK
PeterUK Posts: 2,655  Guru Member
First Anniversary 10 Comments Friend Collector First Answer
edited August 2022 in Security Ideas

For Content Filter the SSL/TLS traffic must have extension server_name or else block option.


1 votes

Active · Last Updated

Comments

  • WJS
    WJS Posts: 123  Ally Member
    First Anniversary 10 Comments Friend Collector First Answer
    I think the "Trusted Web Sites" , "Forbidden Web Sites"  also use SNI (Server Name filed) to identify.
    So it should work.


  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    I don't think you get what I mean I want to allow all SSL/TLS traffic but drop traffic without extension server_name because the USG can't know what its for.