hi it seems i found out the work around for this chrome extension zenmate - once the website which is blocked on the FW can be accessible if the ssl decryption is not enabled after connecting the zenmate. after the zenmate is connected and if the ssl decrypt is not enabled the blocked website will work , once you enable the ssl decrypt i.e ssl forward proxy it will start blocking the traffic as before so in this case connecting to zenmate chrome extension is of no use zenmate application - zenmate installed app on local system behaviour is different as extension , ssl decrypt cannot block this . zenmate app is using IKE application to connect to the proxy server , we have to block the IKE application in the security policy and it will not allow the connection to be successful , but we have to keep in mind that IKE is been used for ipsec so if you have ipsec vpn then it can block the legitimate traffic . so in this case you can select the zone from may be trust to untrust i,e direct internet and apply the policy so it will only block the traffic which is gloing to untrust and not to the ipsec tunnel
... View more