ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.
Hey there! I need to create a custom application based on the LOGIN string sent to an IMAP server (Office 365) via port 993 (TLS/SSL encrypted) to differentiate it from other O365 traffic. Tech_Note-Creating_Custom_Signatures-RevE.pdf I should be able to match on the imap-req-first-param context but the fw is detecting the traffic as imap. I have configured and tested SSL decryption okay and am outputting to a SSL decryption mirror to confirm the unencrypted data being sent. The custom application is a child of the imap application (I've tried it as no parent app as well, didn't work), and has default port tcp/993 set. I've got one signature: Scope: session (I tried transaction, didn't work either) Ordered condition match is off OR condition - Operator Pattern Match Context - imap-req-first-param Pattern is part of our domain name, as is (no \'s or brackets) No qualifiers, tho I've tried with imap-req-cmd = LOGIN but it didn't help. Any ideas? Thanks in advance 🙂
... View more
I'm trying to use Expedition against a VM-Panorama (running v8.1.2). Only one Panorama, no other devices. A few weeks ago it was working fine but now when I use it I get the Loading spinner for a while followed by a rather informative error shown below. This occurs when I click away from the Devices tab and then back to it.
I have completely removed the panorama device from the Devices tab and re-added it. It seemed to authenticate and pull down the running config okay, but after clicking save I got the same error again. And now it's been removed and re-added, if I click away and back to the tab, I get the exception error and then no devices anymore.
There are no errors on the dashboard apart from one about php reconnecting to mariadb if lost and one about machine learning (which I dont plan on using), and nothing I can see in the audit logs. Any help appreciated..
Edit: I loaded a fresh image of expedition, updated it to 1.0.101 and am using that to authenticate just fine so must have been a bug. PS - Can somebody please add the upgrade instructions to the Admin or user guides to make it easier to find? Thanks 🙂
... View more