Hi,
until last week i've used only the web proxy funcionality.
Now i've configured the SSL/TLS Inspection and have a strange behavior.
The Veeam Backup and Replication Server (Backup03 - in Backup-LAN) can backup the ESX-Server in LAN.
But the Veeam Agent on a Windows 10 PC (in LAN too) cant be backed up.
These are the responsible Firewall Rules (as you can see...no web scanning active)
For testing i've created a extra Inspection Rule to NOT decrypt internal connections
But as long as i've activated the SSl/TLS Inspection Module the Backup is failing
When i disable the SSL/TLS Module everything works like a charm.
Sometimes (not every time) i get a log entry with "InvalidURL"
I think the SSL/TLS Inspection Module is scanning EVERY traffic unless if its configured in the firewall rule or not. Is that correct?
My Plan is to inspect the Internal -> WAN Traffic only but NOT the internal traffic between subnets/vlans.
I've found a similar thread here from about 2 Yr. ago (https://community.sophos.com/sophos-xg-firewall/f/discussions/118733/xg-v18-ssl-tls-inspection-interfering-with-veeam-cloud-provider-replication/431230#431230).
Do someone have a clue where to configure this?
Best regards.
Gotschek
This thread was automatically locked due to age.
