Hi,
In a test setup I'm trying to allow MS-Lync while SSL decryption is enabled.
I've got a general rule to enable SSL Decryption with the proper certificate installed on the clients end.
In my security policies I've got a rule to allow Lync based on App-ID.
Lync however refuses to even sign in.
The only thing I have noticed that DNS requests seeem to age out for a to me unknown reason:
As a test, I added a no-decrypt rule for MS/Lync URL's, but that doesn't really make a difference.
As soon as I disable the decryption rule, all works fine (but of course allows more than I would want). How can I exclude lync from being decrypted, or even better, how do I get Lync to get through with decryption enabled?
On: https://live.paloaltonetworks.com/t5/Configuration-Articles/List-of-Applications-Excluded-from-SSL-Decryption/ta-p/62201
there is a comment at the bottom from someone stating the issue that Lync is failing when SSL decryption is enabled, but he refers to a broken link. Any suggestions?
... View more