FTD - SSL Decryption

I have edited one of the Khawar FTD EVE-NG labs to be :)

Lab Overview:
FirePower has a feature called SSL Decryption, which is used to decrypt any encrypted traffic such as HTTPS by intercepting the traffic between client and server so that FP can re-sign the certificate.

Lab prerequisites:

  • Connect FTD to the Internet and configure the G0/0 IP address as dynamic
  • Configure PAT / ACP
  • Configure a CA server on the management side (192.168.100.5) to download the root CA and sign the CSR of FirePower

Lab Steps:
1- Download the root CA from the CA server and import it to FMC via Object > PKI > Trusted CA

2- Generate a CSR from FMC (Object > PKI > Internal CA) and copy/paste it into the CA server with the option Subordinate Certificate Authority. Sign it and return it to the same CSR page to install the certificate.


3- Configure an SSL policy to decrypt HTTPS (port 443), as an example.
Go to Policies > SSL Policy > Rule

On the same SSL Policy page, you need to push the FMC certificate from Trusted CA.

4- Call the SSL policy from the ACP policy, then apply.

Result:

image

NOTE: There is a difference between SSL decryption and SSL offloading.

SSL decryption: decrypts the traffic in order to inspect the content and re-encrypts it again.
SSL offloading: removes the encryption, e.g. from HTTPS --> HTTP.

I hope this helps
Thanks
Abdulfattah

1 Like
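The certificate chain that steps 1 and 2 of the lab build, reproduced offline with the openssl CLI as an added example (not part of the original post): it signs the FTD CSR once with a subordinate-CA profile and once with a plain server profile, then checks whether a client trusting only the lab root accepts a server certificate re-signed by the FTD key. The subject names, the host `www.example.test`, the profile names and the file names are constructed, and openssl stands in for both the lab CA server and the FMC GUI.

```shell
#!/bin/sh
# Added example, not from the original post. All names are constructed lab values.
set -eu

# resign_check PROFILE: PROFILE is the template the lab CA applies to the
# FTD CSR in step 2: "subca" (CA:TRUE) or "server" (CA:FALSE).
# Prints "accepted" or "rejected" for a client that trusts only the lab root.
resign_check() {
  d=$(mktemp -d)
  cat > "$d/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
commonName = Common Name
[root]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[subca]
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
[server]
basicConstraints = critical,CA:FALSE
[leaf]
basicConstraints = CA:FALSE
subjectAltName = DNS:www.example.test
EOF
  # Root CA: stands in for the CA server on the management side.
  openssl req -x509 -config "$d/pki.cnf" -extensions root -newkey rsa:2048 -nodes \
    -subj "/CN=Lab Root CA" -days 30 -keyout "$d/root.key" -out "$d/root.crt" 2>/dev/null
  # Step 2: CSR for the FTD internal CA, signed by the root with PROFILE.
  openssl req -new -config "$d/pki.cnf" -newkey rsa:2048 -nodes \
    -subj "/CN=FTD Internal CA" -keyout "$d/ftd.key" -out "$d/ftd.csr" 2>/dev/null
  openssl x509 -req -in "$d/ftd.csr" -CA "$d/root.crt" -CAkey "$d/root.key" -CAcreateserial \
    -days 30 -extfile "$d/pki.cnf" -extensions "$1" -out "$d/ftd.crt" 2>/dev/null
  # What decryption produces per session: a server certificate re-signed by the FTD key.
  openssl req -new -config "$d/pki.cnf" -newkey rsa:2048 -nodes \
    -subj "/CN=www.example.test" -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/ftd.crt" -CAkey "$d/ftd.key" -CAcreateserial \
    -days 30 -extfile "$d/pki.cnf" -extensions leaf -out "$d/leaf.crt" 2>/dev/null
  # Client-side check: chain leaf -> FTD internal CA -> lab root.
  if openssl verify -CAfile "$d/root.crt" -untrusted "$d/ftd.crt" "$d/leaf.crt" >/dev/null 2>&1
  then r=accepted; else r=rejected; fi
  rm -rf "$d"
  echo "$r"
}

for p in subca server; do echo "$p: $(resign_check "$p")"; done
```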

What version of FMC/FTD did you go for?

FMC/FTD versions are 6.2.2 for both

1 Like

Hi Abdulfattah,

Great work… Appreciate the effort and contribution to the community. This is a great way of practicing your skills and helping your fellow community members. I highly recommend this learning route to everyone. I have asked my Team to allocate 10 KCloud Hrs to your account.

As an aside, I am starting the FTD class this coming Saturday. The registration page will be up tomorrow. @Silver_Surfer will be creating a forum post on it shortly.

Cheers

1 Like

Thank you, Sir, for your comment and encouragement.