https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375585#M923960 <P>Dear Yogdhanu,</P> <P>Thanks for the reply , so u r confirming&nbsp; me that the SSL traffic&nbsp;( what i understand means encrypted traffic)&nbsp;can be on another port ( if it is used on private networks I can use private port numbers rages &nbsp;which cannot be used on internet)&nbsp;</P> <P>&nbsp;</P> <PRE>The application field is for applying the rule on specific application identified by firepower before the decryption is done. Port, Application and other factors are available to make the rule as specific as it can be.</PRE> <P>&nbsp;</P> <P>when the rule is matched the traffic is decrypted otherwise the default action is to Do not decrypt.</P> <P>Please correct me if i am wrong</P> <P>&nbsp;</P> <P>Thanks</P> Mon, 18 Jun 2018 21:27:48 GMT adamgibs7 2018-06-18T21:27:48Z https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375135#M923958 <P>Dears,</P> <P>&nbsp;</P> <P>I am creating a SSL policy and I m not understanding the concept of application column and port column&nbsp;inside the rule,&nbsp; the rule is made of, zone, network, application&nbsp;, users, category port, etc etc</P> <P>As far I know 443 is a SSL&nbsp;encrypted traffic, apart from this&nbsp;443 there can be other encrypted traffic working on different port&nbsp;?? I want to understand if a application&nbsp;creator is building an application on&nbsp; port for example 1234 so he has the ability of encryption on that application for a specific port he chooses</P> <P>&nbsp;</P> <P>thanks</P> Fri, 21 Feb 2020 15:41:07 GMT https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375135#M923958 adamgibs7 2020-02-21T15:41:07Z https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375243#M923959 <P>Hi</P> <P>&nbsp;</P> <P>Yes, there can be SSL traffic on ports other then 443.</P> <P>The application field is for applying the rule on specific application identified by firepower before the decryption is done. Port, Application and other factors are available to make the rule as specific as it can be.</P> <P>All of matching are in AND operation. Meaning all the criteria defined in rule should match the packet for the rule to hit.</P> <P>&nbsp;</P> <P>Hope it helps,</P> <P>Yogesh</P> <P>&nbsp;</P> Mon, 30 Apr 2018 07:40:16 GMT https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375243#M923959 yogdhanu 2018-04-30T07:40:16Z https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375585#M923960 <P>Dear Yogdhanu,</P> <P>Thanks for the reply , so u r confirming&nbsp; me that the SSL traffic&nbsp;( what i understand means encrypted traffic)&nbsp;can be on another port ( if it is used on private networks I can use private port numbers rages &nbsp;which cannot be used on internet)&nbsp;</P> <P>&nbsp;</P> <PRE>The application field is for applying the rule on specific application identified by firepower before the decryption is done. Port, Application and other factors are available to make the rule as specific as it can be.</PRE> <P>&nbsp;</P> <P>when the rule is matched the traffic is decrypted otherwise the default action is to Do not decrypt.</P> <P>Please correct me if i am wrong</P> <P>&nbsp;</P> <P>Thanks</P> Mon, 18 Jun 2018 21:27:48 GMT https://community.cisco.com/t5/network-security/ssl-policy/m-p/3375585#M923960 adamgibs7 2018-06-18T21:27:48Z https://community.cisco.com/t5/network-security/ssl-policy/m-p/3401460#M923961 <P>Dears,</P> <P>Anybody can put some shade on the below discussion.</P> <P>Thanks</P> Mon, 18 Jun 2018 21:28:40 GMT https://community.cisco.com/t5/network-security/ssl-policy/m-p/3401460#M923961 adamgibs7 2018-06-18T21:28:40Z