topic Re: SSL Outbound Inspection Bypass for www.telekom.de in Firewall and Security Management

SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Fri, 13 Sep 2024 13:55:00 GMT

hi, i need to bypass www.telekom.de in https inspection.

i tried *.telekom.de, www.telekom.de as custom application. but none of them is working. traffic is still inspected.

what iam doing wrong?

thanks

daniel

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Fri, 13 Sep 2024 14:16:07 GMT

I just tested it in my lab and I put *telekom.de* and worked fine.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Fri, 13 Sep 2024 14:25:58 GMT

i tried it with *telekom.de* and it is not working. iam running R81.20 take 84

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Fri, 13 Sep 2024 14:29:36 GMT

I think something may had been cashed. I just tried it on my iphone, site does not even come up, so looks like its website issue, NOT ssl inspection problem.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Fri, 13 Sep 2024 14:37:52 GMT

i think in the same direction, because some other sites i set on bypass are working. only this site isnt working. i opened the site on different devices, and the site is looking different on each device.

on monday i try it on my r82 lab. maybe they can fix it over the weekend.

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Fri, 13 Sep 2024 14:38:03 GMT

Just for my own sanity, I even connected to Germany via nordvpn account and even then, I could NOT get to the site and Im talking about my personal desktop at home.

I tried below:

telekom.de

https://www.telekom.de

www.telekom.de

Same issue, nothing worked.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Fri, 13 Sep 2024 14:43:09 GMT

thank your for the help!

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Fri, 13 Sep 2024 14:47:03 GMT

Sure, any time mate. That is why Im 100% sure its not an issue with the fw/ssl inspection, based on the test I had done. I even tried same method from my personal laptop, exact same result.

That alone, without any doubt, tells me its website problem.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Fri, 13 Sep 2024 14:49:18 GMT

This site works fine and seems to be totally legit/valid.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Mon, 16 Sep 2024 09:12:13 GMT

hi,

today i checked the exception again in my R82 lab. iam not able to configure an bypass for certain sites.

example: www.heise.de and www.telekom.de

what iam doing wrong?

i defined the custom applications as described here: https://support.checkpoint.com/results/sk/sk165094

thanks

daniel

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Mon, 16 Sep 2024 11:07:27 GMT

Heise site works fine for me, no issues. Im sure telekom.de is broken, if it ever worked.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Mon, 16 Sep 2024 11:22:34 GMT

but why heise istn working in my lab. the bypass rules are not working. until i disable the inspection-rule, all traffic will be inspected. i tried my regex and without. do you have an idea?

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Mon, 16 Sep 2024 11:26:09 GMT

*heise.de* has to work, I tested it myself. What does traffic log show?

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Mon, 16 Sep 2024 11:27:31 GMT

Btw, Im in Canada est, so 6 hours behind you, just starting my day. Happy to do remote and fix it for you. I do ssl inspection issues all the time, so Im confident we can figure it out.

Let me know.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Mon, 16 Sep 2024 11:47:02 GMT

I dont have an idea until I saw your environment, sorry. Only other thing I could go by would be to make sure below is set and also if you can send the log showing why it fails.

Andy

Re: SSL Outbound Inspection Bypass for www.telekom.de

Daniel_Hainich — Mon, 16 Sep 2024 11:58:03 GMT

Re: SSL Outbound Inspection Bypass for www.telekom.de

the_rock — Mon, 16 Sep 2024 12:01:36 GMT

Lets do remote if you are allowed to. I got a feeling its not working because of what I pointed out.

Andy