Configuring SSH Proxy does
not require certificates and the key used to decrypt SSH sessions
is generated automatically on the firewall during boot up.
SSH decryption enabled, all SSH traffic identified by the policy
is decrypted and identified as either regular SSH traffic or as
SSH tunneled traffic. SSH tunneled traffic is blocked and restricted
according to the profiles configured on the firewall. Traffic is
re-encrypted as it exits the firewall.
Ensure that the appropriate interfaces are configured
as either virtual wire, Layer 2, or Layer 3 interfaces. Decryption
can only be performed on virtual wire, Layer 2, or Layer 3 interfaces.
View configured interfaces on the
column displays if an interface is configured to
interface. You can select an interface
to modify its configuration, including what type of interface it