I have a custom application that accesses a remote range of IP addresses, let's say for example 206.0.0.0 - 206.255.255.255; this is UDP-based traffic. The issue is, Sonicwall NSA has been configured to block all proxy-based access and is detecting this traffic as "PROXY-ACCESS Encrypted Key Exchange -- UDP Random Encryption(UltraSurf) sid=7" and is blocking the application. How would I go about getting this traffic unfiltered access to that IP range? I tried adding an address object for that range and creating an access rule to allow it through, but it still seems to be blocked. Any assistance is welcome, thanks.
I was able to allow iOS updates while blocking PROXY-ACCESS. I had to allow HTTP Proxy under PROXY-ACCESS.
It would appear (assumption) that the ports you are trying to access externally (maybe 500 or 4500/5500?) are typically reserved for VPN traffic and as such are hitting the block that is set up.
See here: Sonicwall App Control Signature
Basically you'll need to set an exclusion in that block for those external IPs:
Found this in searching for a solution to our problem. We've discovered the same thing. Apple updates for our iPads are being blocked by this same signature. This is the second time we've seen content from Akamai servers blocked for EKE.
At this point, we just opened up all EKE. Just didn't seem worth the hassle to find all the false positives that this is blocking.