That does depend on how you are directing traffic to the WSA. If you are doing transparent redirection using WCCP simply don't configure WCCP to redirect traffic for port 443 and allow port 443 outbound from your firewall/router. If you are doing PAC file then again only configure the necessary ports to be redirected to the WSA. If you want to redirect 443 but simply PassThru using the WSA you will need to configure the Encryption Engine to accept proxy connections and set all Global policies to PassThru.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...