08-19-2013 12:14 AM - edited 03-10-2019 06:02 AM
We have recently purchased a Cisco ASA 5512-X and I'm just curious if there is anyway for the ASA or a 3rd party tool working with the ASA, to monitor Decode/Reencode SSL traffic? Otherwise, anyone can simply access a ssl web site e.g. https://www.youtube.com and bypass the entire IPS?
Regards,
Craig
Solved! Go to Solution.
08-19-2013 10:54 PM
It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html
Sent from Cisco Technical Support iPad App
08-19-2013 10:54 PM
It won't work with the IPS because that can't decrypt the traffic. The new "native" way of inspecting SSL-traffic is to use ASA-CX:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/qa_c67-700607_ps12521_Products_Q_and_A_Item.html
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: