Hi guys,
I'm slowly implementing SSL inspection on my network, starting with small group of PCs (Win10 all). I'm on SFOS 17.5.11 MR-11.HF062020.1
I've found out that iCloud sync is not working correctly, OneDrive for example is just fine. I don't care that much about iCloud app, but I would like to take this opportunity to learn more about SSL inspection in general and how to troubleshoot this.
Situation
iCloud app will not download the file to local drive when a new file is created in the cloud (from iPhone/iPad). It know it's there but will not succeed with download and I get error that network is unreachable. The folder is set to "Always keep offline" so it should be downloaded immediately.
XG setup
I know it's HTTPS service and it's inspection, when I remove https from the test FW rule, the iCloud app works just fine and the files are downloaded. So I've tried these and nothing helps ...
Created exceptions (WEB/Exceptions) with policy checks and https decryption disabled for
- ^([A-Za-z0-9.-]*\.)?apple\.com\.?/
- ^([A-Za-z0-9.-]*\.)?icloud\.com\.?/
- ^([A-Za-z0-9.-]*\.)?cdn-apple\.com\.?/
- ^([A-Za-z0-9.-]*\.)?mzstatic\.com\.?/
Created FW Rule before the test rule and disabled the inspection and destination set as WAN / 17.0.0.0/8 which is Apple network. All services on *apple.com and *icloud.com are here.
So far I cannot make iCloud work with HTTPS inspection. If anyone can help or point me to right direction, it would be great!
Thanks for any help on this
This thread was automatically locked due to age.
