This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
About Hsinyu
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- About Hsinyu
06-05-2023
6Posts
0Likes
0Solutions
Jun 05, 2023Last Visited
User
Activity
User
Profile
Latest posts by Hsinyu
| Subject | Views | Posted |
|---|---|---|
| 694 | 01-19-2023 12:06 AM | |
| 712 | 01-18-2023 11:47 PM | |
| 612 | 12-23-2022 01:20 AM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 1 Like |
User Badges
Community Statistics
| Member Since | 11-10-2021 06:16 PM |
| Date Last Visited | 06-05-2023 01:07 AM |
| Posts | 6 |
01-19-2023
09:36 AM
@Hsinyu,
Just to be abundantly clear, the only time that traffic is automatically decrypted by the firewall is if the traffic terminates on the firewall. So in the example of a GlobalProtect Portal/Gateway, that traffic will be decrypted automatically without anything being configured by you as the admin.
In the event that you have a device setup in your WAN/untrust zone outside of the above examples, it won't be automatically decrypted by the firewall unless you setup a decryption policy. For example if I hand a VPN concentrator off of a firewall and just place it in a WAN/untrust zone, the firewall won't automatically start decrypting that traffic.
That might add a bit of confusion as this isn't a common deployment that folks do, but it's important to have that distinction present.
... View more
12-23-2022
04:24 AM
1 Kudo
Hi @Hsinyu ,
This is likely happening because you're traffic is logged at session end:
Kind regards,
-Kiwi.
... View more
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks