browse
Overview
Cisco Umbrella's Cloud-Delivered Firewall (CDFW) only supports TCP, UDP, and ICMP traffic sent to and from the internet. CDFW will silently drop any other protocol from the IP protocol suite without logging these drops in the Umbrella dashboard.
Impacts
Applications that make use of a layer 4 protocol other than TCP, UDP, or ICMP may fail when sending traffic via CDFW. The IP Protocol Suite protocol numbers for ICMP, TCP, and UDP respectively are 1, 6, and 17.
You can check the IP protocol number by looking for the "Protocol" field in the layer 3 (IPv4 or IPv6) header in Wireshark. In the example below, the protocol number is Protocol 46, and it is not supported by CDFW.