Netskope Community
-
Forums
ProductsCommunity Resources
-
Learn
Education, Training, Certification, and Thought LeadershipCommunity Resources
-
Groups
Community GroupsCommunity Resources
-
Events
Community Resources
- Support
- Netskope Community
- Products
- Next Gen SWG
- bypassAppMgr Blocking UDP against Exception specif...
bypassAppMgr Blocking UDP against Exception specified IP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Hi,
Kindly advise me that we set "Exceptions" registration on certain IP,
and the bypass setting seems working on TCP request, but UDP ones are blocked as below.
[log said:]
- Labels:
-
SSL bypass
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello @mochi. What port is this traffic on? Also, just to confirm, the exception you added was an IP based exception? If so, can you also ensure the "Treat like local IP" is checked on the steering configuration?
Sam Shiflett
Netskope Sales Engineer - North Florida
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello @sshiflett
Thanks for your reply!
The port is 443 and I was add IP base exception (public IP address).
I'm afraid that I couldn't grasp why we need to check "Treat like local IP address" against public IP address based exception.
Do you think we should check it?
Appreciate your help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
Hello,
I saw that behavior few weeks ago. It should only occur on UDP/443 (quic protocol). The client blocks those UDP/443 flows to avoid the client/app evading the security controls and inspection. Here Chrome should fall back to regular HTTPS TCP/443
Have a nice day
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Thanks @armeld !
Good point that I did not check if our Chrome was fall back to regular TCP 443 using.
I will check it!
Thanks again!!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Sites with self-signed certificates - apply exceptions -not global in Next Gen Secure Web Gateway (SWG)
- Certificate Pinned App (CPA) in Next Gen Secure Web Gateway (SWG)
- Any ideas on error UPD errors and nsClientFLow in Cloud Access Security Broker (CASB)
- Windows 365 or Azure Virtual Desktop and Netskope Client - Best Practices in Next Gen Secure Web Gateway (SWG)
-
SWG
22 -
NG-SWG
17 -
DLP
11 -
NSClient
8 -
Next Gen SWG
7 -
NGSWG
6 -
netskope client
5 -
Netskope Endpoint Client
4 -
SSL bypass
4 -
Client
4 -
sso
4 -
android
4 -
policy
3 -
IDP
3 -
Decrypt SSL
3 -
Threat Protection
3 -
DLP Violation
3 -
cloud firewall
3 -
GRE
3 -
URL List
3 -
Google Idp
3 -
Support Mobiles
3 -
SCIM
3 -
skopeit
3 -
Linux
2 -
User Notification
2 -
Certificate SSL
2 -
traffic
2 -
ssl
2 -
malware
2 -
ipsec
2 -
cfw
2 -
users
2 -
IPSec Tunnels
2 -
Email DLP
2 -
Real-time Policy
2 -
forward proxy
2 -
steer traffic
2 -
Netskope Agent
2 -
categories
2 -
Provisionning
2 -
Admin
2 -
Azure
2 -
Apps
2 -
Windows OS updates
2 -
IOS
2 -
inline
2 -
Cloud
2 -
okta
2 -
Groups
2 -
communication between domain and application
1 -
alerts
1 -
Traffic Steer on Galaxy S8
1 -
Explicit Proxy
1 -
Local Groups
1 -
Private App
1 -
Instances APP Enterprise
1 -
no decryption
1 -
SASE
1 -
Cloud & Threat Challenges
1 -
questions
1 -
Chromebook
1 -
SWG Login
1 -
Remote Browser Isolation
1 -
punycode
1 -
Advanced Analytics
1 -
Rest API
1 -
Block Page
1 -
intel CPU
1 -
Automation
1 -
discord
1 -
interception
1 -
block
1 -
Authentication
1 -
RBAC
1 -
slowness issue
1 -
Dropbox
1 -
SSL-TLS
1 -
ngrok
1 -
Epic
1 -
browser
1 -
MIP
1 -
Education
1 -
export
1 -
certificate
1 -
Certificate Pinned
1 -
TLS
1 -
UPD errors and nsClientFLow
1 -
SSL Decrypt Bypass
1 -
steering
1 -
Netskope
1 -
import
1 -
activities
1 -
Desktop Dropbox
1 -
Log
1 -
GOSKOPE
1 -
openai
1 -
security posture check
1 -
User Group
1 -
Netskope Threat Labs
1 -
entry
1 -
Download
1 -
Firewalls Local
1 -
chatgpt
1 -
best practice
1 -
CCI
1 -
configuration
1 -
ChromeOS
1 -
Upload
1 -
Directory Importer
1 -
PAC file
1 -
web debugging fiddler proxy
1 -
EDM
1 -
flow
1 -
explicit proxy over IPSec
1 -
Reverse Proxy
1 -
cloud exchange
1 -
Custom Rule
1 -
logs
1 -
Fail Close
1 -
sensitivity
1 -
fundamentals
1 -
Office 365
1 -
domain
1 -
CASB
1 -
Guidelines
1 -
log data
1 -
endpoint
1 -
url categorization
1 -
CTEP
1 -
AVD
1 -
Access
1 -
file size
1 -
vpn
1 -
steering exception
1 -
install
1 -
CCL
1 -
extension
1 -
url filtering
1 -
Default OfficeSuite policy
1 -
DaaS
1 -
MFA
1 -
incremental update
1 -
API
1 -
Next Fen SWG
1 -
multi-user mode
1 -
Upgrade
1 -
Changes
1 -
OfficeSuite
1 -
Virtual Desktop
1 -
native definition
1 -
MacOS
1 -
Reports
1 -
Config
1 -
No Decrypt
1 -
App
1 -
Threat
1 -
Widgets
1 -
Config Update
1 -
Default Policy
1 -
Azure AD
1 -
APP instance
1 -
client update
1 -
data
1 -
WebSecurity
1 -
Report
1 -
Enterprise Application
1 -
PAC
1 -
Sync
1 -
Instances Corp
1
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In