SSL/TLS filtering must have extension server_name

PeterUK
PeterUK Posts: 1,383  Guru Member

For Content Filter the SSL/TLS traffic must have extension server_name or else block option.


1 votes

Active · Last Updated

Comments

  • WJS
    WJS Posts: 43  Freshman Member
    I think the "Trusted Web Sites" , "Forbidden Web Sites"  also use SNI (Server Name filed) to identify.
    So it should work.


  • PeterUK
    PeterUK Posts: 1,383  Guru Member

    I don't think you get what I mean I want to allow all SSL/TLS traffic but drop traffic without extension server_name because the USG can't know what its for.