Hello Dameon,

I had originally opened a TAC case (3-0234333211) and that is how I found out about ACST; perhaps the tech assigned to my case was not aware that TAC could help create a signature? Should I escalate the case or open another with some different information that could help me get to the proper engineering team?

Thanks,

Mike

In some cases R&D needs to create the signature.

Did you provide packet captures as part of the SR? 

No, I did not provide a packet capture… because the support engineer did not request one. Do you know what specifically I need to capture, and whether this needs to be done at the client PC, my firewall (which is the security perimeter gateway), or the far end VPN termination point? If the packet capture needs to be performed at my security gateway firewall, does this mean that I need to have HTTPS inspection enabled on my firewall?

I think it may be sufficient to do this from the gateway only.

HTTPS Inspection shouldn't need to be enabled.

Thank you. I will open a new TAC case and start this process.

Just to follow up, I checked with R&D and ACST is definitely not the right tool for the job here.

It's something we will likely have to create and the right approach is to open a TAC case as you've done. 

If you hit a roadblock with TAC, please contact me privately.

Hello mates, I hope all is well

I have the same problem with a vpn application,that connect to different server around the world.

The applications are itop VPN and radmin VPN and I want to block this traffic specifically

What should we do? Should I oped a TAC case or use this tool?

Thanks in advance

Without knowing precisely how the applications work, I recommend engaging the TAC.

btw: it's getting time that https inspection policy supports applications created by acst.