Allow Apple Private Relay but block category "Proxy Avoidance and Anonymizers"?

BCC-SAS
Here to help

Allow Apple Private Relay but block category "Proxy Avoidance and Anonymizers"?

I'm curious about content filtering behavior that seems a little strange...

 

I block the category 'Proxy Avoidance and Anonymizers' across my sites, and I used Apple's instructions on allowing the correct sites/sub-domains for iCloud Private Relay, but I'm seeing my logs full of blocked "category 'Proxy Avoidance and Anonymizers'" for https://mask-api.icloud.com/

 

Is there any reason for this or does this sound like a bug of some kind?

 

thanks

Blair

3 Replies 3
CptnCrnch
Kind of a big deal
Kind of a big deal

Have you followed this guide? What MX version are you running? I'm asking because they switched from Brightcloud to Talos with 16.x, perhaps it could have an impact.

BCC-SAS
Here to help

Yes, I set those rules up just like any others I'm using - my devices are actually mixed (small sites are on 16+ larger sites are on 15.44)...

Is there a page that we can use on Talos to update 'classifications' for sites like Brightcloud had? 

BCC-SAS
Here to help

That said, I now don't see my logs full of 'content blocked' for icloud -- I love a problem that disappears on its own!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels