The minimum TLS protocol
version (
Min Version
) that the profile supports
is TLSv1.1. To allow the traffic that the version mismatch blocks,
you could change the
Min Version
to TLSv1.0. However,
a more secure option is to update the client to use a recent TLS
protocol version. If you can’t update the client, you can create
a Decryption policy and profile that apply only to that user, device,
or source address (and to any similar users, devices, or source
addresses so that one policy and profile control all of this traffic)
instead of applying a general Decryption policy that allows TLSv1.0 traffic.