04-29-2018 11:14 AM - edited 02-21-2020 07:41 AM
Dears,
I am creating an SSL policy and I am not understanding the concept of the application column and the port column inside the rule. The rule is made of zone, network, application, users, category, port, etc.
As far as I know, 443 is SSL encrypted traffic. Apart from 443, can there be other encrypted traffic working on a different port? I want to understand: if an application creator is building an application on a port, for example 1234, does he have the ability to use encryption on that application for the specific port he chooses?
Thanks
04-30-2018 12:40 AM
Hi
Yes, there can be SSL traffic on ports other than 443.
The application field is for applying the rule to a specific application identified by Firepower before the decryption is done. Port, Application and other factors are available to make the rule as specific as it can be.
All of the matching criteria are combined with an AND operation, meaning all the criteria defined in the rule should match the packet for the rule to hit.
Hope it helps,
Yogesh
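An added example, not part of the original thread and not Cisco code: a small Python model of the two points in the answer above. TLS is recognised from the first bytes of the stream rather than from the port number, and a rule hits only when every condition set on it matches. The rule fields, the application name `ExampleApp`, the simplified `Decrypt` action and top-down first-match evaluation are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Optional

def is_tls_client_hello(payload: bytes) -> bool:
    """Recognise a TLS ClientHello from the first bytes of a TCP stream, whatever the port."""
    if len(payload) < 6:
        return False
    ctype, major, minor, length = struct.unpack("!BBBH", payload[:5])
    # 0x16 = handshake record, 3.x = SSL 3.0/TLS record version, 0x01 = ClientHello
    return (ctype == 0x16 and major == 3 and minor <= 4
            and 0 < length <= 16384 and payload[5] == 0x01)

@dataclass
class Rule:
    """Hypothetical, simplified SSL rule; a field left as None means "any"."""
    name: str
    action: str
    zone: Optional[str] = None
    port: Optional[int] = None
    application: Optional[str] = None

    def matches(self, flow: dict) -> bool:
        # Every condition that is set must match the flow (logical AND).
        conditions = {"zone": self.zone, "port": self.port, "application": self.application}
        return all(want is None or flow.get(key) == want for key, want in conditions.items())

def evaluate(rules, flow, first_bytes, default_action="Do not decrypt"):
    """Return the action for a flow; unencrypted traffic is outside the SSL policy."""
    if not is_tls_client_hello(first_bytes):
        return "not TLS"
    for rule in rules:  # assumption: rules are checked top-down, first match wins
        if rule.matches(flow):
            return rule.action
    return default_action

# Constructed sample data: start of a ClientHello record and one rule for port 1234.
CLIENT_HELLO_PREFIX = bytes.fromhex("160301002e0100002a0303")
RULES = [Rule("decrypt-custom-app", "Decrypt", zone="inside", port=1234, application="ExampleApp")]

if __name__ == "__main__":
    tls_flow = {"zone": "inside", "port": 1234, "application": "ExampleApp"}
    print(evaluate(RULES, tls_flow, CLIENT_HELLO_PREFIX))
    print(evaluate(RULES, dict(tls_flow, application="OtherApp"), CLIENT_HELLO_PREFIX))
```

A flow on port 1234 that matches the port but not the application falls through to the default action, because all conditions on the rule must hold at once.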
04-30-2018 12:18 PM - edited 06-18-2018 02:27 PM
Dear Yogdhanu,
Thanks for the reply. So you are confirming to me that SSL traffic (which I understand means encrypted traffic) can be on another port (if it is used on private networks, I can use private port number ranges which cannot be used on the internet).
The application field is for applying the rule to a specific application identified by Firepower before the decryption is done. Port, Application and other factors are available to make the rule as specific as it can be.
When the rule is matched, the traffic is decrypted; otherwise the default action is Do not decrypt.
Please correct me if I am wrong.
Thanks
06-18-2018 02:28 PM
Dears,
Can anybody shed some light on the below discussion?
Thanks