Meraki

AJAY2

Hi,

Is there a way we can disable QUIC protocol on the Guest client browsers (Captive portal via Cisco ISE) to ensure Content filtering works as expected on the MX/Firewall ?

Brash

This post has some good information about methods to block QUIC traffic

https://community.meraki.com/t5/Security-SD-WAN/Block-QUIC-navigation-about-google-protocol/m-p/2681...

View solution in original post

Brash

This post has some good information about methods to block QUIC traffic

https://community.meraki.com/t5/Security-SD-WAN/Block-QUIC-navigation-about-google-protocol/m-p/2681...

BlakeRichardson

This premise of QUIC is good but it creates all sorts of issues with content filtering and SSL inspection.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

alemabrahao

Block UDP/443 on MX for Guest VLAN. This is the simplest and most effective method.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Inderdeep

May be this helps, the past details

https://community.meraki.com/t5/Security-SD-WAN/Block-QUIC-navigation-about-google-protocol/m-p/2262....

Cisco Awarded Blogs 2020/2021 https://www.thenetworkdna.com/

AJAY2

Tell me whether blocking on the Zscaler DNS will prevent the QUIC protocol issues?

alemabrahao

Blocking only via Zscaler DNS may reduce some QUIC‑related issues, but it will not reliably prevent QUIC. For consistent results, you need to block QUIC at the network/HTTP proxy level, not just DNS.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki

Community

QUIC Protocol Disable methods

QUIC Protocol Disable methods