QUESTION - SSL/TLS policy order

I have created my own SSL/TLS policy which, even though I selected top, is third on the list. So the question is: how do I make my specific policy the top policy so that, like firewall rules, the traffic flows down the policies until there is a match? The generic policies will always catch the specific traffic and my policy will never pass traffic.

I don't want to disable the generic policies because they are used in other places.


  • Hi Michael,

    thank you for those explanations.

    I will be a little picky though: without data throughput being displayed I find debugging the rules very difficult, e.g. which rule is passing the traffic, is the rule I set up working?

    I am trying to use the SSL/TLS inspection on my IoT devices.


    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • I understand, and it is an absolute must have for the final v18 product.

    If you were part of the threads all asking for "when is v18 coming" you can understand that there is a push to get the EAP into the community's hands as quickly as possible, balanced against getting enough of the features done and the quality bar high enough. This was a feature that could go to EAP1 without as it is more about reporting and debugging.


    I don't know if it helps, but the Policy Tester has been updated to include all the SSL/TLS stuff (I think EAP1 has it). It's not real traffic, but if you know what your traffic looks like it should work.