PAN-OS

  1. Select
    Device > Licenses
    to confirm that you have an active Advanced URL Filtering or legacy URL Filtering license.
  2. Verify that you decrypt SSL/TLS traffic through either SSL Forward Proxy or SSL Inbound Inspection.
  3. Enable inspection of SSL/TLS handshakes by CTD. By default, the option is disabled.
    1. Select
      Device
      Setup
      Session
      Decryption Settings
      SSL Decryption Settings
      .
    2. Select
      Send handshake messages to CTD for inspection
      .
      Alternatively, you can use the
      set deviceconfig setting ssl-decrypt scan-handshake
      <yes|no>
      CLI command.
    3. Click
      OK
      .
  4. Commit
    your configuration changes.

Recommended For You