ChatGPT site gives "Error code 1020" even after excluding the domain using Split tunnel.

ChatGPT site gives "Error code 1020" even after excluding the domain using Split tunnel.

17258
Created On 02/02/23 04:03 AM - Last Modified 02/10/23 06:57 AM


Symptom


  • Access to ChatGPT site https://chat.openai.com fails with Cloudflare Error code 1020 when traffic flows through Prisma Access Gateways.

          chatgpt_error.png
  • Issue is seen even after adding the below domains in Split tunnel Domain exclusion.
           chat.openai.com
           *.chat.openai.com
 
 
 

Environment


Prisma Access

Cause


Browser uses QUIC Protocol (UDP 443) and UDP traffic is not supported in domain-based split tunneling on Windows. 

Resolution


Add a security policy to deny QUIC Application so it falls back to using traditional TLS/SSL (TCP 443).Deny_QUIC

Additional Information



Reference document for "UDP traffic is not supported in domain-based split tunneling on Windows".
https://docs.paloaltonetworks.com/globalprotect/10-1/globalprotect-admin/globalprotect-gateways/split-tunnel-traffic-on-globalprotect-gateways/configure-a-split-tunnel-based-on-the-domain-and-application

 

 
    Other users also viewed:
    Actions
    • Print
    • Copy Link

      https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000samOCAQ&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

    Choose Language