Thread Info
  • State Verified Answer
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 1030 views
  • Users 0 members are here
Options
Suggested

SSL/TLS rule 0

rfcat_vk

Hi folks,

attempting to setup some SSL/TLS rules and not having much success. They don't show any traffic having been passed. I have disabled the default rule to see what happens with traffic.

Looking at logviewer -> SSL/TLS tab I see traffic being passed in rule 0, what is rule zero and where are its parameters displayed?

Then there is the GUI showing 0% decryption capacity and the SSL/TLS connections showing 44% of traffic.

Seems very confusing to me.

I have implemented SSL/TLS rules in previous versions eg v18.0.x but after upgrading to v18.5.x the rules no longer worked so were deleted from the Xeon box XG.

Ian



added comment
[edited by: rfcat_vk at 10:31 PM (GMT -8) on 4 Feb 2022]

Top Replies

  • +2 verified

    Rule 0 is the thing that happens if no rules apply.

    If the Firewall, Rule 0 is Drop All Traffic.  We used to never show it, but in order to reduce confusion we now do as something you cannot even click on.

    In SSL/TLS, Rule 0 is basically an Any to Any Do Not Decrypt rule, wide open.

    Jump to answer
Parents Reply Children