I finally decided to give the "exercise in frustration" that is HTTPS Decrypt and Scan a go at home, and I hope to apply it at my family sites. Desktops (Windows or Linux) are fine, but mobile devices (Android is all I've got to work with here) not so much... After not coming across a solution hunting through the community and Googling around, I'm posting this.
The setup: UTM 9.605 acting as the DHCP server for the environment. Wireless Router (ASUS RT-AC68U) in AP mode. The same setup exists at my family sites.
The issue: mobile devices connect to my WiFi AP, but the connection icon has the "X" on it and I've got no internal or external access on any Android device running Nougat or Pie. Going back to "URL filtering only" took care of this instantly. The only post in the community matching my predicament, and the closest thing to a solution I found, is over in the XG forum, but I can't believe this workaround is reasonable. I did, however, find similar solutions suggested by Barracuda and Fortinet regarding Google and SSL inspection, so maybe I am wrong in my belief.
The question: based on that XG user's workaround, I'm guessing that the issue is that, since the UTM Web Protection Proxy CA hasn't been applied to the devices, Android can't phone home to Google in order to validate that the device has a connection? If so, is there any reasonable way to get around this so that the device can connect to the WiFi AP so that the UTM Web Protection Proxy CA can afterwards be installed, OR do I have to get the UTM Web Protection Proxy CA on each mobile device to resolve this (and is the same hassle to be had with iOS devices)?