02-08-2012 11:48 AM
Hi,
Anyone had any luck with getting the SSL URL Over-ride page to display without a certificate error?
If I have 'transparent' mode enabled for this function I get a certificate error (it appears to replace my URL with the IP address, port 6083, which doesn;t relate to the cert used).
If I try redirect (to a Layer 3 interface on the PA as described in another article on this forum) I just get a timeout. I guess it may be because my rulebase doesn't permit port 6083 traffic - but I'm not sure if that's a standard port it'll always use?
Cheers for any experience!
02-09-2012 12:16 AM
Sounds like you should contact support regarding feature request.
Since the PAN is acting SSL-proxy (when you do SSL-termination) it should be possible for it to insert the block/continuepage in the current SSL stream instead of forcing the client to redirect into some ip-address.
At least this would look better at the clientside and you as admin wont need to expose the PAN itself for the client.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
