"...good for voice and video," (also awesome for games, btw) "-but that's all you can do with it so just block it." Because nobody wants to do voice, video, or games?
@jackkopp7155
Жыл бұрын
Typo - you blocked UDP 433 instead of 443.
@SickBeard
Жыл бұрын
Minor nitpick, but talking about the current iteration of QUIC like it was developed by Google is like saying SSL/TLS was developed by Netscape. Technically true, but vastly different now than X years ago.
@mehrdadfeller
2 ай бұрын
You are not blocking QUIC specifically, you are blocking all UDP traffic on port 80 & 443 which is broader than QUICK itself. What if some other service wants to send UDP packets on those ports?
@blindside995
Жыл бұрын
Great Video Willie! Really been enjoying the firewall lockdown series.
@martincourtemanche2724
Жыл бұрын
Would you know why one would have to use the Traffic Management if a Firewall rule is already in place? I used the Traffic Management rules and the traffic was still passing through, but changed it to the Firewall rules and only then did the traffic stopped passing.
@DeliberateGeek
Жыл бұрын
As always, great video. I'll have to do a bit more research on this to determine the best settings for me. I'm using a UDMP for a home network. I disabled QUIC and a day or two later, discovered that the Instagram app fails without it, so the family had a fit. Gotta decide whether to block it for specific networks, or block it for all networks, but allow it from certain sources, etc...
@jasonluong3862
Жыл бұрын
Can the firewall be configured to allow QUIC for specific hosts in the LAN or specific VLAN? Blocking QUIC for the entire LAN is overkill. For example, how about allowing QUIC for IoT devices like smart TVs. These devices use a lot of data so QUIC would reduce processing load, but given the data is just videos, security is not important, especially when they are assigned their own VLAN.
@blindside995
Жыл бұрын
You definitely can. The way I would do that. Is make an IP Group that you do not want QUIC blocked on and put them in the destination. LAN-IN destination. I could be mistaken, but I think that is certainly a way you could do it. Alternately, make an allow rule above that one for those specific network with the protocol QUIC.
@Red1Wollip
Жыл бұрын
Willie you are the best my friend!
@jamiebarnes3539
Жыл бұрын
most services use QUIC blocking it will cause you problems.
@martincourtemanche2724
Жыл бұрын
I'm looking into this, but I can't find one that didn't one that did not cause me problems and my network are complex. Would you be able to share with us one typical service that is affected by such a rule? thx
@JohnSmith-sc6jt
Жыл бұрын
My Unifi network app. Shows a different Traffic Management screen. It doesn't have rules that gives a list like what is shown. It has a place to create static routes and then a place for traffic restrictions. It requres a Add Restriction Group and the dropdown list for categories gives general options like "Business Tools", "File sharing services and tools", and others, but no list to block specific web sites, domains or apps. I thought I was in the latest version of 7.3.83, at least when I check updates it tells me I have the latest. Any tips?
@Jr2728
Жыл бұрын
Which unifi control do you have?
@JohnSmith-sc6jt
Жыл бұрын
@@Jr2728 I am using the application version 7.3.83 with a USG
@kristopherleslie8343
Жыл бұрын
❤
@vonnikon
5 ай бұрын
Blocking QUIC makes the internet experience slower and more annoying for all your users. I hope they enjoy watching loading-screens...
@WillieHowe
5 ай бұрын
If quic is blocked in can fail back to other means. However -- in corporate and school networks where you have to have control, blocking quic is the right thing to do.
@Jianju69
4 ай бұрын
@@WillieHowe Sure, but the video frames it more like [everyone should block QUIC because all it can do is voice and video.]
Пікірлер: 19