Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
315
Views
1
Helpful
1
Replies

SSL Policy decrypt with known Key is nowt working With Cloudflare

Canyion
Level 1
Level 1

‎01-14-2024 11:10 PM

We have a web server behind firepower in the DMZ, and we've implemented an SSL policy for decrypting traffic with a known key.

In our domain name (forexample.com), we've directed traffic to Cloudflare Proxy. Within Cloudflare, the traffic is then forwarded to the public IP of the web server. Additionally, on our firepower, we've configured access to the web server to only allow traffic from Cloudflare's IP ranges to Webserver on HTTP and HTTPS, and it work fine, users can access on both protocol.

the only issue is , on firepower we are unable to see any HTTPS traffic from Cloudflare ranges to Webserver.

 

 

1 Reply 1

MHM Cisco World
VIP
VIP

‎01-15-2024 02:51 PM

the only reason in my mind you 
use FastPath
or ACP with action Trust 
for traffic direct to server 
hence the https dont decrypt and inspection  
MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top