Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Replies 1 reply
  • Subscribers 39 subscribers
  • Views 1363 views
  • Users 0 members are here
Options
Suggested

Why does XG break oauth 2.0 connections?

rfcat_vk

Hi folks,

Before the upgrade the gmail account used user name and password, after the upgrade the username and password were disabled and oauth 2.0 was the approved security method.

Today I upgraded my iPhone and iPad to the latest version of IoS and found my gmail account would not connect to the gmail server.

I have the gmail site in both exception and ssl/tls profiles.

Now if I use the iPhone hotspot or are out and about the connection works fine.

The information  by google implies that oauth 2.0 is a new protocol maybe port but says it uses https.

Nothing in the logs shows failed connections.

Currently running v20.0.2 mr-2

Thoughts please?

Ian



added historical setting information
[edited by: rfcat_vk at 9:57 AM (GMT -7) on 17 Sep 2024]
  • +1

    Hi folks,

    mail security is becoming very difficult. The web exceptions I created did not work.

    Gmail IPv6 does not like being scanned whereas gmail IP4 messengers go through mail scanning okay.

    I have created a /48 address range for gmail ipv6 access because i could not identify all the servers involved.

    There is now an IPv6 firewall rule with the /48 network as the destination and web filtering but not decrypt and scan enabled.

    Ian

    The reason for the /48 address is the current version of XG does not support IPv6 FQDNs in the networking component of the firewall rule.

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML