https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310895#M340 <P>I am enforcing APP-ID and wanted to do it at the application lever but your suggestion should be good. The insteresting part is that the Palo is showing hits to the rule with the custom rule but when I review the traffic it does not show anything with that rule. Any ideas on that?</P><P>&nbsp;</P><P>&nbsp;</P><P><STRONG>Update on my own question.</STRONG></P><P>&nbsp;</P><P>Looks like I needed to create the APP override which is something I have not done before but was able to do it properly and now the rule it is showing the traffic properly.</P><P>&nbsp;</P><P>Thanks</P> Thu, 13 Feb 2020 14:34:12 GMT palmanza 2020-02-13T14:34:12Z https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310628#M338 <P>Hello Everyone,</P><P>&nbsp;</P><P>Has anyone created a custom signature to create a custom APP-ID to allow SSL over port 636? I have read that decryption needs to be implemented for the Palo to identify the traffic to the right application but if decryption can not be completed how can this be done.</P><P>&nbsp;</P><P>Thanks in advance.</P> Tue, 11 Feb 2020 16:56:39 GMT https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310628#M338 palmanza 2020-02-11T16:56:39Z https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310866#M339 <P>Hello <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/124554">@palmanza</a>&nbsp;</P><P>Is it mandatory to have a signature, or would application override suffice for your need?</P><P>I simply created a new application (copied over the things from ldap, named it ldap<STRONG>s</STRONG>), and created the override policy. The policies where ldap was listed as application were extended by ldap<STRONG>s</STRONG>.</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="JoergSchuetter_0-1581528116827.png" style="width: 573px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/23929iF8CEFA03A1EA0F1A/image-dimensions/573x182/is-moderation-mode/true?v=v2" width="573" height="182" role="button" title="JoergSchuetter_0-1581528116827.png" alt="JoergSchuetter_0-1581528116827.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="JoergSchuetter_1-1581528126281.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/23930i2CE840B43F85700C/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="JoergSchuetter_1-1581528126281.png" alt="JoergSchuetter_1-1581528126281.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="JoergSchuetter_2-1581528135255.png" style="width: 734px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/23931i692C5490191DBD8F/image-dimensions/734x233/is-moderation-mode/true?v=v2" width="734" height="233" role="button" title="JoergSchuetter_2-1581528135255.png" alt="JoergSchuetter_2-1581528135255.png" /></span></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 12 Feb 2020 17:25:21 GMT https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310866#M339 JoergSchuetter 2020-02-12T17:25:21Z https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310895#M340 <P>I am enforcing APP-ID and wanted to do it at the application lever but your suggestion should be good. The insteresting part is that the Palo is showing hits to the rule with the custom rule but when I review the traffic it does not show anything with that rule. Any ideas on that?</P><P>&nbsp;</P><P>&nbsp;</P><P><STRONG>Update on my own question.</STRONG></P><P>&nbsp;</P><P>Looks like I needed to create the APP override which is something I have not done before but was able to do it properly and now the rule it is showing the traffic properly.</P><P>&nbsp;</P><P>Thanks</P> Thu, 13 Feb 2020 14:34:12 GMT https://live.paloaltonetworks.com/t5/custom-signatures/custom-signature-to-allow-ldaps-as-ssl-port-636/m-p/310895#M340 palmanza 2020-02-13T14:34:12Z