Traffic inspection bug relay_invalid_traffic

This is still an issue there are too many services using http pipelined connections to ignore it.

Official Sophos response, http pipelined is not an issue and is not supported because nobody uses it.

Now microsoft joins to netflix and many other companies that are already using it. Maybe someday Sophos XG will block windows updates and still won't be an issue.

More legitimate traffic blocked

More legitimate traffic blocked

core_memory and IOraiden,

As has been asked before - please contact support and have them escalate until it gets to devs so we can investigate your boxes.

Complaining more on the forum does nothing because we cannot reproduce the problem.

this can be reproduced but since these are http pipeline requests they say that is not supported by the DPI mode.

Actually i cannot find any application within my appliances and my peer appliances, which have http pipeline requests beside netflix. 

None of my own appliances with DPI enabled and Office365/Teams etc. uses http pipeline.

My question would be, which application within the microsoft world is causing this? 

I have no Idea, I have normal Windows 10 Pro machines with office 2019.

I guess they will fix it or do something about, but I guess if any customer complains about  this the workaround would be to create a proxy rules for those clients, and the it won't even be a priority for Sophos to solve.

Another option would be to create a Firewall rule for the destinations, using FQDN host objects, that uses the proxy instead of DPI mode. This would be more targeted that just using the proxy for all traffic from those clients.

But, that doesn't work in IPv6 firewall rules.

I think it makes sense to share in this forum that using DPI mode causes this problem. I also learned about this issue in this forum. If we share the case, we may find some hints to reproduce this issue.

I can't contact support.

I am using the virtual version on VMware ESXi 7.0U1.