If you think the content filter is not working as expected
Zyxel Employee
Symptom:
If you think the content filter has not worked the webpage as expected.
Checking:
1) Please block QUIC Ports.
QUIC uses UDP port 80 and port 443. The complete TLS client Hello, including any TLS Server Name Indication (SNI) present, is sent in one or more CRYPTO frames across one or more QUIC Initial packets.
2) If there are multiple categories, as long as it matches one of them, it will be blocked.
For example, if block Streaming Media or Media Sharing. Youtube will be blocked.
Route>configure terminal
Router(config)# content-filter url-server test
Router(URL)#
result_all: Streaming Media, Media Sharing
HTTPS Domain Filter result_all: Streaming Media, Media Sharing
Botnet result_all: Not Found
The query takes: 1.000000 seconds
3) For HTTPS traffic we will check the content of SNI. Please check if there are managed URL in packets
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 86 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 916 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight