Hello Tobias,
I know that "Any" is not a good choice for production. But here I am just testing.
As long App. Control & URL Filtering are activated on the blade, all https traffic (set to inspect in the https rule) should be inspected because "Any" is everything including AppCtrl/URLF objects; but it is not the case.
For the tests you asked me:
- I replaced the Internet object on the HTTPS rule base by the All_Interntet. --> NO https inspection
- I also replaced the Internet object on the Access Control rule base by the All_Interntet. --> NO https inspection
- Then, without changing what I just did, I tested again adding the HTTPS default services” at the services field on 5.1 rule --> NO https inspection
- Finally I put back the previous values at the destinations and created a new HTTPS service with default port but I enabled protocol signature. I added the service in the 5.1 rule
It worked. HTTPS Inspection is working with the service HTTPS_clone.
Finally using the HTTPS service with the protocol signature enable, allows all the HTTPS traffic to match the rule 5.1 and to be inspected. "Any" should do that but it is good to know that we can manage it by using the service.
Cheers
Miguel
