SSL Decryption behavior with Application Override

SSL Decryption behavior with Application Override

15213
Created On 09/25/18 19:49 PM - Last Modified 06/09/23 08:49 AM


Resolution


Overview

Consider the following custom application and application override rule.  We have configured a custom application for TCP ports 80 and 443.  Application override is happening for traffic to port 80,443 from DMZ to L3-Untrust.

 

Custom-App1.png

 

Custom-App2.png

 

App-Override rule.png

Consider the following decryption rule: Here we are decrypting all traffic coming from DMZ going to L3-Untrust.

 

Decryption Rule.png

 

If you try to access some https website you will find that the traffic is not being decrypted because of the application override, even if you are doing decryption for everything.  

 

When application override is configured, the Palo Alto Networks firewall stops processing at Layer 4.

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CleuCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language