Issues with DoH

[Toni Tiveron 0]

Hi All,

I've created a policy to block traffic for Anonymizer and Peer-to-peer traffic for all our users when working remotely.

This has triggered some issue, just today, as one on our users visited a partner and they forces DoH on their Guest network

Seems that all DoH queries belong in one of the above categories (that I blocked).

Is there any way to allow DoH queries w/o triggering all categories?

[Marcos 4,706]

You can create a permissive url-based rule for the above url in Web Control and put it on top of the rules.

[Toni Tiveron 0]

Sorry Marcos, but I really can't list all DoH a company/user can access/use.

I think ESET should create a proper policy for the DoH protocol (as well as for DoT).

This will allow a company to permit such traffic.

 

[Toni Tiveron 0]

Am I the only one facing issues with DoH?