Author Topic: Zentyal 7.0 Block HTTPS, mobile phones, DoH  (Read 1024 times)

grolon

  • Zen Apprentice
  • *
  • Posts: 38
  • Karma: +2/-0
    • View Profile
Zentyal 7.0 Block HTTPS, mobile phones, DoH
« on: August 07, 2021, 03:25:15 pm »
Hi all
I've working with Zentyal Commercial Edition, testing Block HTTPS sites.
This is quite simple in Zentyal 7.0.4. Tested Windows 10 x64 Desktop, and notebooks, users can't access sites like facebook, youtube, netflix, using squid proxy filter and profiles.
I don't get error messages, like HTTP, because of HTTPS encapsulation. But, that is OK, for now, thansparent proxy works OK. My user can't open youtube in a particular time frame.

The real deal is Mobile Phones, this is a pain in the a. . . Googling i've found that android browsers use something called DoH, DNS over HTTPS. I can disable this option in Edge, Chrome, Firefox, Opera, in Windows Desktops. Mobiles ?, NOP. Mobile browsers use their own DNS configuration, DoH, they connect to specific DoH server, public servers.

Any experience blocking DoH servers using Zentyal Firewall ?

Thanks in advance

Regards, Saludos