Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
When going over a tunnel all traffic will go through the CDFW and then all web traffic will be sent to the proxy (excluding any bypassed domains/IPs). Any traffic going through the CDFW and the proxy will be subject to policy enforcement based on the...
Are your sure the file type you are downloading matches the file type you are blocking in Secure Access? If so you might want to open a TAC case to further look into the issue.
Is the web security enabled in your internet security settings in Secure Access? If so, first check the network requirements doc below to make sure all allowed IPs/urls and ports are being allow through your firewall.
https://docs.sse.cisco.com/sse-u...
