A new Chinese policy going into effect next week, will have profound impact on businesses relying on Internet VPN or SD-WAN access within China.\nAccording to a notice from China Telecom obtained by SD-WAN Experts, the Chinese Government will require commercial Chinese ISPs to block TCP ports 80, 8080, and 443 by January 11, 2018. Port 80 is of course the TCP port commonly used for carrying HTTP traffic; 8080 and 443 are used for carrying HTTPS traffic. Commercial ISP customers interested in maintaining access to those ports must register or apply to re-open the port through their local ISP. \u00a0\nThe news, first reported by Bloomberg July, was expected to be implemented by February, 2018. This is the first time a specific date has been provided for the action.\nMillions of Internet users relied on virtual private networks (VPNs) to circumvent the Chinese censorship system, dubbed the Great Firewall of China. In the past, VPNs have worked intermittently but were invariably blocked, forcing users to jump to another VPN. The new regulations will block VPN access to unregistered services.\nCrackdowns on accessing the Internet beyond the\u00a0Great Firewall\u00a0\u2014 the world\u2019s most sophisticated state-censorship operation, employs at least 2 million online censors.\u00a0 But this news highlights how the world\u2019s second largest economy is struggling to balance authoritarianism with its business leadership aspirations.\u00a0In addition, a strict new\u00a0cybersecurity law\u00a0came into effect in June. In July China Telecom, the nation\u2019s biggest Internet service provider, sent a letter to corporate clients\u00a0that said in future, VPNs would only be allowed to connect to a company\u2019s headquarters abroad.\nFor SD-WAN users, the regulations could have significant impact. Site-to-site connectivity across MPLS or private line will be unaffected, but site-to-site VPNs will be affected, if businesses do not register with their ISPs. \u00a0This means hybrid WANs, for example, will work fine for those applications running across the private data service, but will be disrupted when failing over to the Internet or sending traffic across the encrypted Internet tunnel as the primary traffic driver. There are many SD-WAN and meshed VPN installations in China today that leverage the lower internet costs within China, using a lesser number of MPLS circuits to reach data centers outside of the country.\u00a0 These circuits will fail to pass traffic on January 10th, unless the enterprise register with their local ISPs.\nAll SD-WAN service providers will most likely to be impacted by these changes. If the customer uses the Internet, then they\u2019ll be blocked. If they use MPLS they won\u2019t be impacted.\nHere\u2019s a translation of the text from Chinese government describing the policy:\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014-\nElectronics Co., Ltd.\nHello, Annex is not opened 80 8080 port fixed IP line list, if your company to use the 443 port, please January 2018 January 10 to complete the relevant filing, so as not to be closed 443 port, thank you.\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014- China Telecom Xiamen FTA division of corporate customers Tel: 0592-5512875 phone: 18059800252 Mailing Address: Lake Avenue 15, Building 102 telecommunications complex Business please mail before the 25th of each month, thank you!\nAnd the original Chinese:\n\n\u6c0f\u7535\u5b50\u6709\u9650\u516c\u53f8 \u60a8\u597d\uff0c\u9644\u4ef6\u4e3a\u672a\u5f00\u901a80 8080\u7aef\u53e3\u7684\u56fa\u5b9aIP\u4e13\u7ebf\u6e05\u5355\uff0c\u8d35\u53f8\u5982\u6709\u4f7f\u7528443\u7aef\u53e3\u7684\uff0c\u8bf7\u4e8e2018\u5e741\u670810\u65e5\u524d\u5b8c\u6210\u76f8\u5173\u5907\u6848\u5de5\u4f5c\uff0c\u4ee5\u514d\u88ab\u5173\u95ed443\u7aef\u53e3\uff0c\u8c22\u8c22\u3002\n\nAs noted in Bloomberg: \u00a0\n\n\u201cThis seems to impact individuals\u201d most immediately, said Jake Parker, Beijing-based vice president of the US-China Business Council. \u201cVPNs are incredibly important for companies trying to access global services outside of China,\u201d he said. \u201cIn the past, any effort to cut off internal corporate VPNs has been enough to make a company think about closing or reducing operations in China. It\u2019s that big a deal,\u201d he added.\n\nThe take-away from this story:\u00a0 if you have facilities in China, be sure you address this VPN registration issue, if it hasn\u2019t been addressed already.