If you think the content filter is not working as expected
Zyxel Employee
Symptom:
If you think the content filter has not worked the webpage as expected.
Checking:
1) Please block QUIC Ports.
QUIC uses UDP port 80 and port 443. The complete TLS client Hello, including any TLS Server Name Indication (SNI) present, is sent in one or more CRYPTO frames across one or more QUIC Initial packets.
2) If there are multiple categories, as long as it matches one of them, it will be blocked.
For example, if block Streaming Media or Media Sharing. Youtube will be blocked.
Route>configure terminal
Router(config)# content-filter url-server test
Router(URL)#
result_all: Streaming Media, Media Sharing
HTTPS Domain Filter result_all: Streaming Media, Media Sharing
Botnet result_all: Not Found
The query takes: 1.000000 seconds
3) For HTTPS traffic we will check the content of SNI. Please check if there are managed URL in packets
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight