VPN service on iPad Wi-Fi, traffic does not appear in Traffic Monitor, app control does not drop
The iPad is connected to an SSID with a separate VLAN via an AP420 and routed to a policy with app control on and set to drop all VPN services. The policy that should control it is a UDP-TCP policy, Port 0 (any); under Properties, logging is set to "Send Log message".
On the iPad, this VPN service, "ZeroTier One", installs from the App Store and also appears in the general settings under VPN. The service/app uses a static IP to connect (not a URL) and appears to communicate via UDP. The session appears to create its own virtual MAC address and make this connected device part of a broadcast network (multicast).
In my attempt to observe the traffic, I filter the Traffic Monitor on the DHCP IP of this device and see lots of normal traffic, including 443, but nothing related to this VPN service / static IP. I do the same for the static IP in the VPN service config, but no traffic appears. I toggle the VPN service on and off on the device repeatedly; it connects successfully, but there is nothing in the traffic logs. Clearly there must be traffic, but the Traffic Monitor does not see it. Looking at a different problem not too long ago, I ran into a similar issue with SIP traffic not being logged or appearing in the Traffic Monitor.
The problems are: 1) I do not see any traffic related to this VPN service in the Traffic Monitor; 2) app control should block but does NOT; 3) this is just one VPN service, so how big of a hole is this? My assumption was that the WG was blocking all these types of services.
Are there any changes I can make to make the traffic appear in the Traffic Monitor and get app control working / deny / drop?