session_end_reason eq decrypt-error - 8.0.9

cancel
Showing results for 
Search instead for 
Did you mean: 

session_end_reason eq decrypt-error - 8.0.9

L2 Linker

Attempting to decrypt inbound ssl traffic to our federation server. I have been unsuccessful and getting decrpyt error.

 

We have been decrpyting other public servers in the same manner with individual certs succesfully for the past couple years. I have confirmed the cert is correct and cyphers are PA supported.

 

Anyone have advice of what I could be missing or what to look for?

 

running OS 8.0.9

14 REPLIES 14

Finally we solved upgrading to 8.1.5.

I forgot I had this post open, we resolved when we upgraded too. We also resolved a few smtp decrpytion issues to that we were recieveing errors.  Thanks for reporting!

Thanks for updating.

Does this mean that with new PAN OS you do not get any more decrypt error?

The websites which were not working earlier is PA able to decrypt them now ?

 

or

 

PA is sending those websites to the SSL exclude cache?

 

Please confirm

MP

Well, we have solved the problem with the upgrade. Now, decryption is working as expected.

I think SSL exclude cache only applies for ssl-forward-proxy mode, which is not my case.

Thanks for updating on this.

MP
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!