How to Collect HTTPS on PA-3020?

Reply
Highlighted
L0 Member

How to Collect HTTPS on PA-3020?

Hi.

It's a question about my client's request.

The customer is using PaloAlto Pa-3020 (PAN-OS 7.1.23), and wants to collect https information (log) through the firewall. The customer told me, "I (customer) know that you need to install a private certificate on each PC to collect HTTPS."

I looked up related information in Tech Docs, but I couldn't find it.

If you have a related page address or manual, please let me know.

Thanks

Highlighted
L3 Networker

Hi @MinSeob-KWON,

 

Not sure about the requirement - SSL Decryption or Decryption Mirror or Decryption Broker, assume the first.

https://beacon.paloaltonetworks.com/student/catalog/list?category_ids=15475-ssl-decryption - this should help.

Highlighted
Cyber Elite

@MinSeob-KWON,

Just a heads up, 7.1 is now officially EoL and won't receive any support going forward. While you are setting up SSL decryption, it might be a good idea to talk to your customer about the need to upgrade their firewall/s to least 8.1.

 

7.1 EoL: June 30, 2020

8.1 EoL: March 1, 2022

Highlighted
Cyber Elite

Hello,

I agree with the previous two posts:

Here is a collection of articles on SSL Decryption setup and troubleshooting.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClgHCAS

 

Also upgrade to the most supported release of wither 8.1.x or 9.0.x.

 

Regards,

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!