topic Cisco FTD SSL Policy causing issue on Media Communication such as Skype and Viber text messages in Network Security https://community.cisco.com/t5/network-security/cisco-ftd-ssl-policy-causing-issue-on-media-communication-such/m-p/4277572#M1077566 <P>Dear community,&nbsp;</P><P>&nbsp;</P><P>I have installed Cisco Firepower 2010 installed, and I manage it via FMC.&nbsp;I have setup the policies and traffic is all working ok without SSL decryption policy. However when I enable SSL decryption policy, my text messages do not go through the network. Communication with the Internet works fine, but Skype and Viber text messages do not go through.&nbsp;</P><P>I have tested it myself and as soon as I remove SSL decryption Policy from the Access Policy, text messages pass through the traffic properly.&nbsp; &nbsp; &nbsp;</P><P>Do you have any idea why and what could be affecting the text messages communication to not go through from an SSL decryption policy perspective?&nbsp;</P><P>&nbsp;</P><P>From my general knowledge, SSL decryption policy is used to only decrypt traffic but not manage communication access. Am I missing something?&nbsp;</P><P>&nbsp;</P><P>Any suggestion or information provided would be highly appreciated.</P><P>&nbsp;</P><P>Thank you,</P><P>L&nbsp;</P><P>&nbsp;</P> Fri, 22 Jan 2021 12:45:33 GMT laurathaqi 2021-01-22T12:45:33Z Cisco FTD SSL Policy causing issue on Media Communication such as Skype and Viber text messages https://community.cisco.com/t5/network-security/cisco-ftd-ssl-policy-causing-issue-on-media-communication-such/m-p/4277572#M1077566 <P>Dear community,&nbsp;</P><P>&nbsp;</P><P>I have installed Cisco Firepower 2010 installed, and I manage it via FMC.&nbsp;I have setup the policies and traffic is all working ok without SSL decryption policy. However when I enable SSL decryption policy, my text messages do not go through the network. Communication with the Internet works fine, but Skype and Viber text messages do not go through.&nbsp;</P><P>I have tested it myself and as soon as I remove SSL decryption Policy from the Access Policy, text messages pass through the traffic properly.&nbsp; &nbsp; &nbsp;</P><P>Do you have any idea why and what could be affecting the text messages communication to not go through from an SSL decryption policy perspective?&nbsp;</P><P>&nbsp;</P><P>From my general knowledge, SSL decryption policy is used to only decrypt traffic but not manage communication access. Am I missing something?&nbsp;</P><P>&nbsp;</P><P>Any suggestion or information provided would be highly appreciated.</P><P>&nbsp;</P><P>Thank you,</P><P>L&nbsp;</P><P>&nbsp;</P> Fri, 22 Jan 2021 12:45:33 GMT https://community.cisco.com/t5/network-security/cisco-ftd-ssl-policy-causing-issue-on-media-communication-such/m-p/4277572#M1077566 laurathaqi 2021-01-22T12:45:33Z Re: Cisco FTD SSL Policy causing issue on Media Communication such as Skype and Viber text messages https://community.cisco.com/t5/network-security/cisco-ftd-ssl-policy-causing-issue-on-media-communication-such/m-p/4277787#M1077574 <P>Those applications and others (WhatsApp, Telegram etc.) use end-to-end encryption with SSL/TLS certificate pinning. So any man-in-the-middle decrypt and re-sign action (such as the FTD does) will break that trust chain and cause the issues you report. You need to exempt those applications from your SSL policy for them to work.</P> Fri, 22 Jan 2021 17:56:30 GMT https://community.cisco.com/t5/network-security/cisco-ftd-ssl-policy-causing-issue-on-media-communication-such/m-p/4277787#M1077574 Marvin Rhoads 2021-01-22T17:56:30Z