07-27-2018 06:25 AM - edited 03-12-2019 06:51 AM
Hi All
Our office deployment of Cisco ASA w/ Firepower blocking some whatsapp application feature (send receive image/video/file, call and video call), only text are working
Connection event log show block reason are SSL Block from internal source to some whatsapp URL/Domain port https and with Do Not decrypt SSL Status.
Our SSL Policy for this traffic are fall into default action which is Do Not Decrypt and our network access policy allow any any from inside to outside.
How to un-block/bypass this traffic ?
thanks before
Reza
07-27-2018 10:28 AM - edited 07-27-2018 10:31 AM
Misread that initially. Can you show the blocking event it is matching?
07-29-2018 08:39 PM
Hi,
One of the easy way to determine what within the SSL is causing the traffic to be blocked is to navigate to the connection events, click on table view of the events.
By default, there are certain fields shown up, since we want to know what is causing SSL to determine the block, click on one of the fields at the "X" field to disable the field. You will see a drop down of all the fields available. Select all the SSL related fields and save it.
Upon refresh, it would provide details on what within SSL is marking it as to be blocked.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide