- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
01-05-2022 06:47 AM
Hi @Moritz ,
Supported cipher suites will vary depending on your PAN-OS version. What's your current version and how is your decryption profile configured ?
As an example, some earlier PAN-OS versions only supported DHE or ECDHE for SSL Forward Proxy (it wasn't not supported for Inbound Inspection).
You might want to do some more debugging and check on which cipher suite client/server agree upon in the SSL handshake and compare that to the compatibility matrix to see if it's actually supported:
https://docs.paloaltonetworks.com/compatibility-matrix/supported-cipher-suites.html
Hope it helps
-Kiwi.