Page 1 of 2 12 LastLast
Results 1 to 10 of 15
  1. #1
    Untangler
    Join Date
    Aug 2009
    Posts
    69

    Default Firefox Version 85 Blocked as UltraSurf

    I have posted this on Mozilla's forum, and have followed their instructions for dealing with Firefox not browsing to websites. However, I have replicated this issue on several desktops:
    • Before Firefox 85, browsing worked as expected, and traffic was identified in the Reports as from Mozilla
    • After the Firefox 85 upgrade, most traffic in Application Control is now identified as the UltraSurf VPN.


    I block VPN and proxies in Application control, so this has all but destroyed web browsing with Firefox. You can browse a website on the same desktop in Chrome or Edge just fine, yet it fails with an unreachable error in Firefox 85.

    Any thoughts as to why Application Control is now identifying packets from Firefox 85 as the Ultrasurf VPN?

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,394

    Default

    Firefox by default uses DNS over HTTPS which UltraSurf also uses. Turn it off in Firefox if you wish.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    Aug 2009
    Posts
    69

    Default

    Jcoffin, thank you for your reply. That was one of the first things I tried as per Mozilla's instructions. That did not make a difference, even after clearing cache and browsing history.

  4. #4
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,353

    Default

    Can be some add on in firefox? disable all and try again
    The world is divided into 10 kinds of people, who know binary and those not

  5. #5
    Untangler
    Join Date
    Aug 2009
    Posts
    69

    Default

    Thank you for your reply. I have tried that too. Part of my testing was with an install of Firefox without any add-ons (plain install from Mozilla). Browsing was fine. I updated to version 85 and browsing stopped, and showed as Ultrasurf in Application Control.

    I have now experienced this on Windows 10, Ubuntu 18.04, and MacOS. The only common variable is that all recently updated Firefox to version 85.

  6. #6
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,828

    Default

    Quote Originally Posted by dwasserman View Post
    Can be some add on in firefox?
    It's not an add-on. As of 85, it's a core feature. It does prompt the user to approve, but the prompt is designed in such a way that most people who are not paying attention will just approve it.

    Like it or not, if you want to support byod in your environment, this is something you have to deal with now.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.2 to protect 500Mbits for ~450 residential college students and associated staff and faculty

  7. #7
    Untangler
    Join Date
    Aug 2009
    Posts
    69

    Default

    Which core feature are you referring to? The main change I read in the release notes was related to updates to the tracking protection. Disabling tracking protection didn't help. There also was no prompt after the update was completed on any of my test machines.

  8. #8
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,671

    Default

    It was mentioned above: https://support.mozilla.org/en-US/kb...dns-over-https

    And it's been a problem for awhile now. The largest issue I have is the simple fact that you can't "turn it off".

    I mean you can in the browser to flip the switch, but none of the network settings you're supposed to be able to do as a net admin work to control the behavior as indicated in the above documentation.

    Specifically this: https://support.mozilla.org/en-US/kb...dns-over-https

    As far as I can tell is nothing but pure lies. Ok well that's very hyperbolic... but the tool provided is useless.

    It's pretty easy to head into Untangle's DNS tab and toss in a record for use-application-dns.net, and have it resolve to literally anything. I have mine resoling to 127.0.0.1.

    But the browser IGNORES the setting if the user enabled DOH themselves, which is to say... they clicked OK on that one popup that one time who knows when ago.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  9. #9
    Untangler
    Join Date
    Aug 2009
    Posts
    69

    Default

    But you can turn it off, according to Mozilla's documentation:
    https://support.mozilla.org/en-US/kb...dns-over-https

    And the message that appears in this documentation I remember seeing appear in a much earlier version of Firefox (it's available in version 78esr). Also, as I mentioned previously, disabling this did not make a difference.

  10. #10
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,671

    Default

    I can't duplicate this... I'm using the version of Firefox specified, I've undone and redone everything I can find in regards to DNS over HTTPs. I can start and stop those sessions with Threat Prevention.

    But no matter what I do, Application Control sees all this traffic as MOZILLA, or SSL.

    So I'm starting to think this has nothing to do with DNS over HTTPs and more to do with Application Control performing a false positive in this case. But why? I cannot say... because again DNS over HTTPs is just SSL traffic on my App Control.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2