we have been experiencing a case where users cant access websites after upgrading their iOS to 15.5
users using 15.4 and lower have no problem accessing websites via firewall. upon searching, seems like that the new feature from iOS 15 called "hide my ip" seems to be the culprit. From the log, seems the apple domains are being blocked with UTM which is causing our users no access to website.
by the way, when doing the exact same operation from outside corporate network (no forti) they can access the website without a problem
we have submite a webfiltering permit case to forti but i was wondering if anyone else was experiecing this?
Created on 06-10-2022 09:28 AM
Hello @sysneeb ,
Thank you for posting on Fortinet Forum. As per the research on your query, it seems like iOS while using "Hide my IP" feature is sending these via the QUIC protocol to mask.icloud.com and mask.apple-dns.net.
Please check your application control profile and see if you are blocking QUIC. You can create a test policy and a test application profile and disable QUIC and confirm if that fixes this issue.
Let me know if this works.
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.