I woud like to create exception in decryption policy. In theoty it's easy:
1. create access policy for http/ssl traffic
2. create ssl policy for outgoiung traffic based on url category - DON'T DECRYPT (port any, source any, src_zone internal, dst_zone external, endpoints - based on URL category)
3. create ssl policy for outgoing traffic - DECRYPT ALL (port 443, source any, src_zone internal, dst_zone external, endpoints any)
But it does'nt work. All traffic is encrypted. All rules are anebled. Website category was tested on MWG and trustedsource.org.
ver 8.3.2 p2
I would be thankful for any help