I'd like to know if it is possible to use decryption broker with policy based forwarding on the same interface of the policy based forwarding as the scenarios is as the following :
We have a Bluecoat proxy connected to Palo Alto firewall using Policy Based Forwarding/Routing (PBR) so we want to know the possibility of making ssl decryption on palo alto and use decryption broker to send the traffic decrypted to Bluecoat on the Policy Based Forwarding interface.
You should be able to do this with several policy based forwarding policies. One would send traffic to the BlueCoat, and the other would send the traffic received from that interface to a different destination. However I would caution on this as you can overwhelm that interface pretty easily, so using two might be a better idea.
I would obviously say that your PAN can do what the BlueCoat does and more, so use the PAN and skip the BlueCoat.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!