Virtual Secure Web Gateway

 View Only
  • 1.  Symantec Web Gateway SSL traffic

    Posted Aug 11, 2012 03:20 AM

    Hi,

     

    I configure SWG for both https & SSL Deep Inspection proxy. Now need to know that how I give SSL prot on client machine throug PAC file. or through http/s proxy configuration my SSL traffic also cover/

     

    best regards

    Ishaq



  • 2.  RE: Symantec Web Gateway SSL traffic

    Posted Aug 11, 2012 04:22 AM
      |   view attached

    kindly find attached screenshot!!! when I access https://facebook.com it show me with http protocol and prot 443

     



  • 3.  RE: Symantec Web Gateway SSL traffic

    Posted Aug 11, 2012 05:37 AM

    Hi every body I am able to redirect my https/ssl traffic to Symantec Web Gateway SSL port. PAC look like:

    function FindProxyForURL(url, host)
    {
     
            if (url.substring(0, 6) == "https:")
                {
                    return "PROXY 192.168.2.200:8443";
                }
            else
                {
                    return "PROXY 192.168.2.200:8080";
                }
        
    }

     

    No I am facing an another problem, I get error message "Invalid Server Certificate" when I attempt to open following web sites:

    - facebook.com
    - hotmail.com
    - webmail.opentransfer.com

    I need some urgent support, kindly look this.

    Best regards

    Ishaq

     



  • 4.  RE: Symantec Web Gateway SSL traffic

    Posted Aug 13, 2012 11:13 AM

    Ishaq wrote "I need some urgent support, kindly look this.

    Best regards

    Ishaq"

     

    Hi Ishaq,

    for urgent issues please contact Symantec Support.

    Thanks!

    Federico



  • 5.  RE: Symantec Web Gateway SSL traffic

    Posted Aug 14, 2012 08:30 AM

    You always get that certificate message when using SSL Deep Inspection.  To use SSL Deep Inspection and remove the error message, you need to import the SWG's cert into your endpoint machines, or give it a new cert from a Trusted CA.  See Steps 5 and 6 of the below article:

    http://www.symantec.com/docs/HOWTO54180