07-15-2016 10:03 PM - edited 03-12-2019 06:04 AM
Hi Guys,
I am trying to inspect incoming SSL traffic in my FirePOWER as I have internal SSL web server.
Cert and Key are already imported through PKI object management and SSL policy is already created too. However, I am here a bit lost my way to find out the verification where my SSL policy to incoming SSL traffic is working properly or not.
Could you here tell me where and how to verify it? Thanks much.
With Love,
Si Thu
07-17-2016 04:43 AM
Hi
You can check the connection events. Enable the SSL filters in SSL policy to see which ssl rule the traffic is hitting and if its being encrypted or no.
Navigate to analysis> connection events>tables view of connection events.
Click on any filed cross sign and enable the SSl related fields as shows in screenshot.
Then you can either filter events based on connection events or see the traffic as it hits that.
Rate if helps.
Yogesh
07-17-2016 07:52 AM
Hi Yogdhanu,
Thanks much for your guide.
As for inspecting incoming SSL traffic for internal SSL web server, I have created internal cert (for
Could you please advise on my SSL whether it is correct particularly for incoming SSL traffic. Many thanks.
With Love,
Si Thu
07-18-2016 02:20 AM
Hi,
yes, that is correct settings for only internal web server traffic.
Thanks,
Ankita
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide