Hi all,
my configuration is the following:
- Exchange server on Internet
- A client on the LAN using Outlook with a Exchange account (uses HTTPS)
- HTTPS decrypt and scan enabled on user policy; application Control 'allow all'; Web filter 'No explicit content'; Intrusion prevention 'lantowan_general'
- CA certificate installed on the client
Outlook cannot connect to the mailbox on the server.
I can see into the log:
1471419239.107917132 [12236/0x7f30bd1fe000] fwid=9 fwflag="VS" iap=5 aap=0 id="0001" name="http access" action="pass" method="POST" srcip="192.168.99.6" dstip="99.200.220.164" user="user" statuscode=401 cached=0 trxlen=0 rxlen=581 url="mail.domain.com/.../Exchange.asmx" referer="" type="" authtime=0 dnstime=0 cattime=37422 avscantime=0 fullreqtime=115003 ua="MacOutlook/0.0.0.160109 (Intel Mac OS X Versione 10.11.6 (Build 15G31))" categoryname="Exchange" category="1027" application="None" appcat="None" appids=“"
You can see from the log that I created a category name 'Exchange' that matches the mail server FQDN.
This because if I add an HTTPS exception, everything works well. But I would like to inspect ALL the traffic.
The same happens with Skpye. No chat is possible with HTTPS enabled, unless I add an exception.
I cannot understand why returns statuscode 401
Any idea?
Thanks and regards
This thread was automatically locked due to age.
