USG60 - check SSL inspection ports
Freshman Member
I'm trying to see which SSL ports our USG60 is checking. I've logged in with Putty and run the command show utm-manager ssl-inspection defaultport but it returns:
% (after 'utm-manager'): Parse error
retval = -1
ERROR: Parse error/command not found!
Other commands I run such as show utm-manager content-filter defaultport return the results fine.
Other commands I run such as show utm-manager content-filter defaultport return the results fine.
0
All Replies
-
Hi @ACN
SSL inspection function is only support on USG110/210/310/1100/1900/2200.
USG20-VPN/40/60 series doesn’t support SSL inspection, so there is no this command.
0 -
Ah, thanks. My reason for asking is I'm trying to diagnose why our anti-virus does not seem to be working. It is letting me download the eicar.com test virus file instead of dealing with it.
0 -
Hi @ACN
If SSL inspection is disabled, it can only scan the non-encrypt data.
You can make sure the download link is working on HTTP and without encrypted data.
For test eicar, you can put the test file on your FTP server or HTTP server to exclude encrypted part.
0 -
So the antivirus licenses we have purchased are useless without encrypted scanning, at least I know not to purchase them again.0
-
Hi @ACN
The Anti-Virus function on USG60 can still work on HTTP, FTP, SMTP, POP3, file sharing..etc.
If you would like to scan encrypted traffic, then SSL inspection will be required.
The SSL inspection function is supported on USG110/210/310/1100/1900/2200.
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 155 Nebula Ideas
- 105 Nebula Status and Incidents
- 5.9K Security
- 320 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 256 Service & License
- 398 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight
