Hi,
we are using firepower 6.2 on SFR module on Cisco ASA and Firesight management center.
We notice that when a user visit an URL denied by a policy, if the URL is in HTTPS the block response page is not displayed.
If the user tries to visit the same URL in HTTP the response page is correctly displayed.
Based on the cisco documentation, probabily we need to configure the SSL policy and the SSL inspection.
But the question is: is it possibile to configure the SSL inspection ONLY to display the block page? With fortigate for example is possibile with the SSL inspection mode named "SSL certificate inspection" which inspect only the SSL/TLS handshake and perform MITM only if the fortigate needs to display a block page to the user.
Thanks
Luca