SonicOS 7.0 Rules and Policies for Policy mode

SSL Servers

Server DPI-SSL allows you to configure pairings of an address object and certificate to typically offload/protect an internal Server from inbound WAN access. Options include:

  • Address Object/Group - When the appliance detects SSL connections (from the WAN) to this address object, it presents the paired certificate and negotiates SSL with the connecting client (typically in the WAN).
  • SSL Certificate - This certificate is used to sign traffic for each server that has DPI-SSL Server inspection performed on its traffic
  • Cleartext - If Cleartext is selected, a standard TCP connection is made from the appliance to the server (in the LAN) on the original port. For this to work, a NAT policy needs to be added. If the pairing is not cleartext, then an SSL connection to the server is negotiated.

To view and manage certificates, go to DEVICE | Settings > Certificates.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden