Limitations for Cisco Security for Chromebooks
Following are the limitations of DNS-over-HTTPS for the Cisco Security for Chromebook client.
| Limitation | Description |
|---|---|
| Internal domains | ChromeOS does not allow configuration of customers' internal domains, which affects configurations involving split domains or split brain DNS configurations. However, if DNS-over-HTTPS (DoH) cannot resolve internal domains, ChromeOS does a local resolution as a backup. To address this situation, use the "DNS-over-HTTPS with insecure fallback" configuration in Google Workspace. For detailed steps, see Enabling DNS-over-HTTPS with Insecure Fallback guide. |
| Virtual appliance | Virtual appliance detection and backoff is not supported by the DNS-over-HTTPS based solution because of ChromeOS limitations. However, you should not encounter issues with DNS resolutions in Chromebooks because of the limitation. |
| APP authentication | While using SWG for Cisco Security for Chromebook client, you might encounter issues uploading and downloading files in Android apps, including Gmail and Google Drive. The problem is that the SWG proxy lacks the required authentication headers for specific app requests, which causes errors in authorizing file transfers: https://chromeenterprise.google/policies/#SystemProxySettings |
| Reporting and Logging | Because the Cisco Secure Client AnyConnect VPN module on ChromeOS is based on the Android client, there is currently no way to differentiate between Chromebook and Android devices when viewing reports and logs. |
Prerequisites for Cisco Security for Chromebook Client < Limitations for Cisco Security for Chromebooks > Integrate the Google Workspace Identity Service
Updated 3 days ago