Articles in this section

See more

How to disable QUIC Protocol for Google Chrome

Avatar
Joshua Prime
  • Updated
Follow

Umbrella customers who are using AnyConnect Secure Mobility Client + Secure Web Gateway (SWG) may find that they need to disable the QUIC protocol within their Google Chrome settings in order to avoid encountering issues such as Google related pages not displaying correctly or Youtube videos not loading as expected or issues where application enforcement fails to apply.

You may see an error similar to the one in the screenshot below, for example.

image003__3_.png

Google Chrome uses QUIC to connect to all google services by default. This means all requests to google services via the Google Chrome browser use UDP instead of TCP. This means the AnyConnect Secure Mobility Client will not intercept these requests and therefore the proxy will not see them.

Therefore, at this time, a default Chrome installation is not fully supported for Google Products with SWG at this time. QUIC must be disabled. Application controls and page loads may not function as expected without disabling QUIC.

Symptoms of QUIC enabled on Google Chrome

  • Google sites may fail to load
  • SWG settings for Google sites may fail to apply
    • Application Control
    • Advanced Application Control (like uploads)
    • Policy enforcement

Disabling QUIC in Google Chrome

For more information on disabling QUIC on a managed device, see https://support.google.com/chrome/a/answer/7649838?hl=en. You can manually disable QUIC in Google Chrome using the Experimental QUIC protocol (#enable-quic) flag:

  1. In the address bar, type:  chrome://flags#enable-quic
  2. Set the Experimental QUIC protocol flag to Disabled
  3. Relaunch Chrome for the setting to take effect.

The following Windows registry key (or Mac/Linux preference) can be used to disable QUIC in Chrome, and can be enforced via GPO or equivalent:


Data type:

Boolean [Windows:REG_DWORD]

Windows registry location for Windows clients:

Software\Policies\Google\Chrome\QuicAllowed

Windows registry location for Google Chrome OS clients:

Software\Policies\Google\ChromeOS\QuicAllowed

Mac/Linux preference name:

QuicAllowed

Description:

If this policy is set to true (or not set), usage of QUIC is allowed. If the policy is set to false, usage of QUIC is not allowed.

Recommended value:

Windows: 0x00000000 , Linux: false, Mac: <false />

Related articles

Comments

0 comments

Please sign in to leave a comment.