Just ran into an issue with some website loading for some of my users and some not. More specifically, in one example users on RA VPN were able to get to login.umbrella.com and others who were onsite in the office could not. Cisco TAC identied the issue with VDB 334. I'll post the link to the CSC and copy/paste down below:
Our fix was to install VDB 335 and can confirm it has fixed the issue. VDB 335 looks like it release on May 29th.
Link: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu40563
Full Text:
Symptom:
VDB 334 classifies cloudfront.net traffic as "HotSpot Shield" application
Conditions:
Issue is seen when VDB 334 is installed
Workaround:
Remove application "hotspot shield" or application category "Anonymizer/Proxy" from the ACP block rule
Note: VDB rollback to old version couldn't resolve it so we have to go with removing app/category from rule until this is fixed
Further Problem Description:
Zoom requires TCP 443 traffic to cloudfront.net or any website which is hosted on AWS uses cloudfront as CDN are reporting this issue.
VDB 334 classifies the traffic to cloudfront.net as HotSpot Shield. if customer has any rule to block traffic with application category "Anonymizer/Proxy" or application specific "Hotspot Shield" then legitimate zoom traffic would be blocked
No comments:
Post a Comment