Allow HTTPS over UDP through FTD?

Hi All,

Well, we have just migrated to FTD from Sophos UTM, and it, like all FW migrations, was an interesting one!

All in all, a successful migration and we are now humming along over the new system, happy campers so to speak.

One question: our main internet access policy allows only HTTP and HTTPS (TCP), and after migration we had a few tickets logged about super slow upload speeds to various cloud hosting services and streaming sites.

After a bit of digging I noted that HTTPS (443) over UDP was being blocked. I created a test ACP rule (to allow HTTP/HTTPS and HTTPS over UDP) and upload speed was restored to its former glory (fast).

My question is, what is everyone doing with this protocol? Are you allowing it through as a standard, or not?

FYI we are using SSL interception from inside to out.

Thanks in advance!

Warren

1 Reply

Hi,

It’s more common nowadays: Google QUIC, and even Cisco uses it for AnyConnect RAVPN for DTLS for better performance. If you are concerned about it, permit access to just those cloud services using udp/443.

HTH
