- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
02-11-2020 08:56 AM
Hello Everyone,
Has anyone created a custom signature to create a custom APP-ID to allow SSL over port 636? I have read that decryption needs to be implemented for the Palo to identify the traffic to the right application but if decryption can not be completed how can this be done.
Thanks in advance.
02-12-2020 09:25 AM
Hello @palmanza
Is it mandatory to have a signature, or would application override suffice for your need?
I simply created a new application (copied over the things from ldap, named it ldaps), and created the override policy. The policies where ldap was listed as application were extended by ldaps.
02-12-2020 09:25 AM
Hello @palmanza
Is it mandatory to have a signature, or would application override suffice for your need?
I simply created a new application (copied over the things from ldap, named it ldaps), and created the override policy. The policies where ldap was listed as application were extended by ldaps.
02-12-2020 01:06 PM - edited 02-13-2020 06:34 AM
I am enforcing APP-ID and wanted to do it at the application lever but your suggestion should be good. The insteresting part is that the Palo is showing hits to the rule with the custom rule but when I review the traffic it does not show anything with that rule. Any ideas on that?
Update on my own question.
Looks like I needed to create the APP override which is something I have not done before but was able to do it properly and now the rule it is showing the traffic properly.
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!