You do not have a wildcard after your sites. outlook.com and live.com.
This will fail if anything is after the .com, which is almost always.
you need to add a wildcard after the .com
Also, a lot of times you need to put the actual IP address of the site too....
thx for your reply.. so i should do it that way *.outlook.com/* ??
Its important for me to use Wildcard in the beginning also.. because most of the sites that i want to allow have diffrent sites and not all of them starts with www.
u got it right?
EX: www.outlook.com , support.outlok.com, finance.outlook.com/users .. etc....
Depending on how your client systems are traversing MWG, you may have a partial chicken/egg situation.
If the clients are not configured to directly proxy to the MWG, the initial value for URL.Host will be the destination IP address and not a domain name. Until the connection goes through the SSL Inspection rule set, MWG won't know what the destination domain is.
if using something that is NOT Windows XP + Internet Explorer plus a recent MWG the client should be able to send the desired hostname in the SSL handshake which will allow MWG to apply all rules that utilize URL.Host.
Unfortunately the combination Windows XP + Internet Explorer still seems to be a common platform. They don't support the extension, so in this case you will have to use the IP (transparent mode only, of course).
Just skipping the Content Inspection should be enough. You should then see the site load with the web sites certificate and not the Web Gateways certificate.
When you make the wildcard rule, you can test it. There is a test button and you can put in a long URL and make sure it matches.