Hello everyone,
For the last few days, numerous XG firewalls at several of our clients have been experienced a strange issue when filtering sites hosted behind Cloudflare. I'm posting to see if anyone else has come across this issue and ask if anyone knows why it may be happening.
This issue seems to have started this past Sunday (8/29) as that is when users began noticing the issue. Basically, what has been happening is if a site is hosted behind Cloudflare, or utilizes Cloudflare services, the site(s) are blocked in the packet filter. We have Country Blocking configured but all of the affected sites were resolving as USA in the logs which is not part of our block.
The fix was to create a rule allowing all HTTP/HTTPS to any Cloudflare IP subnets (https://www.cloudflare.com/ips/) and leaving all other protections in place (Web proxy, App Control, IPS). After the fix, all of the affected sites were still stating USA as the destination country, but showing as the traffic was passing and connecting fine.
Everything was functioning normally prior to Sunday. That's the most puzzling part and why we're wondering if anyone else has experienced this issue.
Thank you.
For the last few days, numerous XG firewalls at several of our clients have been experienced a strange issue when filtering sites hosted behind Cloudflare. I'm posting to see if anyone else has come across this issue and ask if anyone knows why it may be happening.
This issue seems to have started this past Sunday (8/29) as that is when users began noticing the issue. Basically, what has been happening is if a site is hosted behind Cloudflare, or utilizes Cloudflare services, the site(s) are blocked in the packet filter. We have Country Blocking configured but all of the affected sites were resolving as USA in the logs which is not part of our block.
The fix was to create a rule allowing all HTTP/HTTPS to any Cloudflare IP subnets (https://www.cloudflare.com/ips/) and leaving all other protections in place (Web proxy, App Control, IPS). After the fix, all of the affected sites were still stating USA as the destination country, but showing as the traffic was passing and connecting fine.
Everything was functioning normally prior to Sunday. That's the most puzzling part and why we're wondering if anyone else has experienced this issue.
Thank you.
This thread was automatically locked due to age.
