03-05-2009 06:50 AM
If you mean can you see it as decypted traffic - No (Thats why it is encrypted )
If you mean can you see it as a stream of encrypted traffic - Yes (Thats what hackers/crackers try to break )
03-06-2009 03:28 PM
03-12-2009 10:30 AM - edited 03-12-2009 10:40 AM
If the encrypted traffic is terminated on the ISG-2000, you can disable the security device from creating a hardware session for a specific traffic via CLI "set no-hw-sess" under policy for troubleshooting purposes. This is supported since ScreenOS 6.1
In addition to that, you can use flow and snoop filters on tunnel traffic since ScreenOS 6.2
Hope this helps.
03-14-2009 04:04 PM
I thought you could also force transit traffic to go over the CPU and debug it, not only terminated traffic?
03-16-2009 12:33 AM
You are right, you can also send pass though traffic to CPU via "set no-hw-sess" but the box will not decrypt encrypted pass-though traffic.
03-16-2009 02:14 AM
Thanks fot your answer Cesar. Of course you can't decrypt the traffic when it's transit. I just wanted to make sure I didn't have it wrong on the debug feature on ISG's. Thanks again.