Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
cant remove SSL inspection profile
I have a couple options on a few policy that I am not able to remove.
Firmware 5.2
*profile-protocol-options Profile protocol options.
*ssl-ssh-profile SSL SSH Profile.
Does anyone know why I would not be able to remove them?
I do not want to use SSL inspection profile.
11 REPLIES 11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if i uncheck all other UTM features (AV, Web, APP, Email) in the policy then it allows me to turn off ssl/ssh inspection.
as soon as a put any of them back it comes back by itself.
i checked two different units (100d, f/w 5.2) and the behaviour was the same. can someone xplain this to me?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don' t know if I would classify this as a bug persay but I would open a ticket with support. You can still disable all the options within the profile and the certificate based check should only apply for webfiltering, which can be disabled in the webfilter profile anyway, so its probably not a big deal to leave it like that.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You may select SSL inspection profile by which you disable the inspection for the intended protocol.
Mohammad
Mohammad Al-Zard
Mohammad Al-Zard
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
but you still can select new profile " test for example" which is configured to disable SSL inspection for the intended protocol. attached screenshot illustrate the settings
Mohammad
Mohammad Al-Zard
Mohammad Al-Zard
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
my profile options look different.
please take a look.
which inspection method should i use?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You need to select " Full SSL inspection" radio box under the inspection method
Mohammad
Mohammad Al-Zard
Mohammad Al-Zard
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
These changes in 5.2 are documented in the What' s New guide ... not an ideal design ... but not a bug as well.
If any security profile is used in a security policy, SSL inspection will automatically be enabled, at which point an SSL mode must be selected ...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ok i still dont really know what it does. can anybody explain how it works?