
Cisco ASA Firepower - SSL Block Reason

muhammadreza
Level 1

Hi All

 

Our office deployment of Cisco ASA w/ Firepower is blocking some WhatsApp application features (send/receive image/video/file, call and video call); only text is working.

The connection event log shows the block reason is SSL Block, from an internal source to some WhatsApp URLs/domains on port https, with a Do Not Decrypt SSL Status.

Our SSL policy for this traffic falls into the default action, which is Do Not Decrypt, and our network access policy allows any any from inside to outside.

How do we un-block/bypass this traffic?

 

Thanks in advance

 

Reza

 

2 Replies

rcmcdermott11
Level 1

Misread that initially. Can you show the blocking event it is matching?

Hi,

 

One easy way to determine what within the SSL is causing the traffic to be blocked is to navigate to the connection events and click on the table view of the events.

 

By default, certain fields are shown. Since we want to know what is causing SSL to determine the block, click the "X" on one of the fields to disable that field. You will see a drop-down of all the fields available. Select all the SSL-related fields and save.

 

Upon refresh, it would provide details on what within SSL is marking it to be blocked.
