11-21-2016 07:23 AM
When we try to setup an Skype for Business call we always get blocked by the SSL decrypt of the Palo Alto system.
I would like to configure no ssl decrypt for collaboration. Is this possible and how?
11-21-2016 07:44 AM
Hi,
My guess you can configure another policy for the particular application with "No Decrypt" option and put it above your existing decryption policy.
11-22-2016 12:25 AM
That is the strange part, there is no URL category from palo alto to not decrypt collaboration.
If I check some url's to setup meetings in the url check of Palo Alto it tells me the category computer and internet info.
But if I make a no decrypt rule on this all other applications that are under this category are also not decrypted.
11-22-2016 01:45 AM
Hi,
How do you see that traffic in the logs? How it is identified by Palo. If you can post a logs snapshot from the device for that particular session
11-22-2016 02:49 AM
It's mixed, internet-and-computer-info, internet-commincations-and-telephony... No good way to make exception for Skype.
11-22-2016 05:45 AM
To add on this because of the way that Skype opperates there will likely never be a good way to not decrypt Skype traffic and make it identify properly.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
