SSL decrypt and HTTPS to HTTP redirect via FMC

ns1888001 — Thu, 28 Oct 2021 10:29:32 GMT

Hello team

We have few servers in DMZ that need to be accessed from public via http however we want to have HTTPS traffic between public clients and FTD and then between FTD and DMZ server it would be plain HTTP since server doesn't support HTTPS because it's old. OS. We're using SSL decrypt for other servers that support HTTPS and it works perfect. For old server our goal is to incorporate SSL decrypt in order to inspect the traffic and then to redirect it to HTTP so that server could accept it. Let me know if this is possible via FMC.

Re: SSL decrypt and HTTPS to HTTP redirect via FMC

Mohammed al Baqari — Thu, 28 Oct 2021 12:29:34 GMT

Hi,

What you are looking for is called reverse proxy. You can not do reverse
proxy on FTD. You can do SSL inspection on FTD. For this purpose, you need
to have web proxies such as WSA from Cisco. There are other vendors
performing this such as bluecoat and F5.

You can provision load balancer on apache server to terminate SSL and pass
traffic to your backend servers.

**** please remember to rate useful posts

topic SSL decrypt and HTTPS to HTTP redirect via FMC in Network Security

SSL decrypt and HTTPS to HTTP redirect via FMC

Re: SSL decrypt and HTTPS to HTTP redirect via FMC