decryption error - response page not displaying to user

cancel
Showing results for 
Search instead for 
Did you mean: 

decryption error - response page not displaying to user

L0 Member

Hi

We have set a new decryption profile that is hardened to a new 10.0.6 PA 3250.

Most things seem ok however when we go to the guardian website we just get a  this site cant be reached page. It would be great if the user got a response page saying decryption error. Is there a way to get this? There could be others (lots of General TLS protocol errors).

krisfraser_0-1632918966451.png

the decryption policy is pretty restrictive - we might have to uncheck to find what is causing the issue if we cannot get a response page to the user

krisfraser_1-1632919018039.png

krisfraser_2-1632919039675.png

 

krisfraser_3-1632919374577.png

Does anyone know how we can get a response page to the user to say decryption error?

 

3 REPLIES 3

L4 Transporter

See this thread for troubleshooting ideas. You will need to confirm if the error is being served a non-connection from the browser or the firewall. There may be some elements (DoH) within browser config that might need changing. Are you able to confirm via curl or others that the full webpage is being served to your machine?

Help the community! Add tags & mark solutions please.

Cyber Elite
Cyber Elite

@krisfraser,

There isn't any sort of decryption error response page that you can just add. You only have the decryption opt-out and certificate error pages, but there isn't some sort of generic decryption error response page. 

@BPry - does that mean its normal for the user to see a "This site can't be reached" page if it fails due to a general TLS protocol error and there is nothing you can do?

 

Shame if it is as we will have to roll back some of the settings as management say the users must have a reason displayed if a webpage is not accessible (e.g category block just now)

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!