About netmaster

Hi, now we have uploaded whit key and make a policy and it works. But 1 point, the documentation is here a little bit confuse! There is the info that you need " forward trust/untrust option" and a CA but for this case is this not the point. "1. The first thing we would like to do is to install and manage the certificate we would like to use. Navigate  Device > Certificates and generate a new self signed Certificate, be sure to activate CA,Forward Trust Certificate, Untrust and Trusted Root CA:" thanks for your help. best regards ... View more

Hi, Sry i think so. In the decryption policy is the last point "ssl inbound" and When we choose it we must choose a certificate. And Here is the Only certificate what we can choose the  self signed with the Option "Forward trust/untrust". Oh er certificate Here Are Not listed ... View more

Hi,ok i understand we need the same certificate in Firewall as on the server, that we can make on the test Server.But the live Server had the verisign certificate. And we dont can change it. On all certificate we have downloaden From verisign we dont Have the choose to aktivate trust/untrust On the der. ... View more

Hi, now we have made a self signed certificate from the firewall, thats not working. For the test we have change the Server cert in a self signed too. We don´ see any encrypted packets. (in the traffic log or in the cli like: How to View SSL Decryption Information from the CLI We have make all the steps for inbound ssl decrypt from: How to Implement SSL Decryption but it doesnt works. Any special thinks what we must do in the decryption and security policies? Or any other points we must do? enabling decryption on a single tab or so? Cert: Policy decry: Policy sec: ... View more

The certificate what we used in the upper config was created in the firewall, i think thats the problem why this one not matched, thats for your info guys. ... View more