  • Hi folks

    More experimentation. I disabled the default SSL/TLS inspection rule and created my own with decrypt enabled.

    What logviewer shows is that the exception list is still active even though the description of the list says it is for the default SSL/TLS rule. So how do you disable the default exception list? Also, somewhere there is a hidden SSL/TLS rule 0 which is used for Sophos software updates to at least the APX120 connected to CM.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Do you mean the Exception List within Web and not the local TLS List? Because the exception List will be used all the time. 

    __________________________________________________________________________________________________________________

  • The description advised the default rule, not user defined rules.

    Ian

  • You can remove the managed TLS List from the Rule: 

    __________________________________________________________________________________________________________________

  • But the rule was disabled and the exception list was still applied to my new rule.

    Ian

  • The Exclusion Website Rule on ID1 is always enabled. I am not able to understand what you mean. Can you show us a screenshot?

    __________________________________________________________________________________________________________________

  • That is exactly what I am talking about, you can disable web exceptions but not SSL/TLS exceptions.

    Ian

  • You can turn it off if you want to.


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • Sorry, if you want to experiment without having the default exception list get in the road, you cannot turn it off. Turning it off disables SSL/TLS as well as the exception list.

    Ian

  • You can turn off the default exclusion list since v18 EAP, even the managed local TLS exclusion list can be disabled.

    The only exclusion list you can't turn off is the hidden rule #0 for system exclusions. (Sophos domains.)

    DPI Engine will still work fine.


  • Hi Prism,

    There is nowhere to disable the default SSL/TLS exception list even if you do not select it in your rule. Whereas in the web exception list you can disable an exception list.

    Ian
