Why does XG break oauth 2.0 connections?

Question

Hi folks, 
 Before the upgrade the gmail account used user name and password, after the upgrade the username and password were disabled and oauth 2.0 was the approved security method. 
 Today I upgraded my iPhone and iPad to the latest version of IoS and found my gmail account would not connect to the gmail server. 
 I have the gmail site in both exception and ssl/tls profiles. 
 Now if I use the iPhone hotspot or are out and about the connection works fine. 
 The information by google implies that oauth 2.0 is a new protocol maybe port but says it uses https. 
 Nothing in the logs shows failed connections. 
 Currently running v20.0.2 mr-2 
 Thoughts please? 
 Ian

rfcat_vk · Accepted Answer

Hi folks, 
 mail security is becoming very difficult. The web exceptions I created did not work. 
 Gmail IPv6 does not like being scanned whereas gmail IP4 messengers go through mail scanning okay. 
 I have created a /48 address range for gmail ipv6 access because i could not identify all the servers involved. 
 There is now an IPv6 firewall rule with the /48 network as the destination and web filtering but not decrypt and scan enabled. 
 
 Ian 
 
 The reason for the /48 address is the current version of XG does not support IPv6 FQDNs in the networking component of the firewall rule.

Why does XG break oauth 2.0 connections?

Top Replies