cancel
Showing results for 
Search instead for 
Did you mean: 
mlustfield
Level 7

SSL Redirection

Jump to solution

I'm doing SSL Scanning with traffic within our company using a Web Gateway 7 appliance. If the browser supports SNI (these do), I'm able to redirect based on the host requested. However, I need to match the path as well. I'm basically trying to do https://domain.com/request.xhtml --> https://internal.com/request. Since I'm doing SSL scanning, it seems like I should be able to do this, but I'm not figuring out how. Has anyone done this that could help me figure it out?

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: SSL Redirection

Jump to solution

Based on the fact that it is not working with path information, I would guess that SSL scanning is NOT applying. You should also check to see that for the initial request you see the Web Gateway's CA certificate.

If you're using a modern browser (ie9+ or FF or chrome), you can use F12 tools, to see if the Web Gateway is actually sending the redirect.

If you run rule traces, do you see any requests for the full URL instead of just the host?

Best,

Jon

0 Kudos
2 Replies
McAfee Employee

Re: SSL Redirection

Jump to solution

Based on the fact that it is not working with path information, I would guess that SSL scanning is NOT applying. You should also check to see that for the initial request you see the Web Gateway's CA certificate.

If you're using a modern browser (ie9+ or FF or chrome), you can use F12 tools, to see if the Web Gateway is actually sending the redirect.

If you run rule traces, do you see any requests for the full URL instead of just the host?

Best,

Jon

0 Kudos
mlustfield
Level 7

Re: SSL Redirection

Jump to solution

Thanks! The rule tracing helped me realized that only some requests were being sent to the correct domain. When the request actually goes to the gateway, it works exactly like it's supposed to.

0 Kudos