07-30-2018 08:21 AM
An internal client can only make sslv3 connections while an external server only accepts tls 1.2 so the goal is to create a policy that will allow this, using the PA as an SSL proxy.
Is this possible? I was looking at decryption policies but I'm not sure how to fwd the connection attemt to be tls 1.2 to the external server.
any help would be much appreciated
SW version 6.1.10
07-30-2018 10:55 AM
I discussed this with TAC and it seems there is no feasable way to do this
07-30-2018 02:27 PM
I would agree with TAC, you can't really do that with the PA. That being said .... did they recommend that you upgrade your firewalls? 6.1 goes EOL October 25, 2018, so if you haven't already I would really start planning your migration to a newer release.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
