cisco wsa cloud connector cloud routing

So running into an issue having the WSA cloud route destination IP addresses. I have the list of IP addresses set as a direct connection in the cloud routing policy if they are the destination IP address. The wsa will not cloud route them as direct connections. It ignores and sends them directly to the cloud. Is it because they are SSL websites? I know the client header is encrypted but the destination IP is visible.

Comments

  • What do you mean by "The wsa will not cloud route them as direct connections."? I don't really understand what the problem is.

  • So i created a list of IP addresses I want sent as direct connection instead of being sent to the cloud like the default policy. This list of IP addresses are IP addresses of ssl sites. In the cloud routing policy I specify only IP addresses, no urls and no ports. No matter what the traffic goes to the cloud. I read in the docs that cloud connector mode has a limitation of not being able to see the encrypted header so it can't process the cloud routing policy for ssl traffic if you specify a url or port. I am only specifying IP addresses. Is the limitation of this mode that it cannot do anything with ssl traffic but send it to the cloud?

    On Tue, Jun 30, 2015 at 2:54 AM, cristian.matei <[email protected]> wrote:

    What do you mean by "The wsa will not cloud route them as direct connections."? I don't really understand what the problem is.




    INE - The Industry Leader in CCIE Preparation

    http://www.INE.com



    Subscription information may be found at:

    http://www.ieoc.com/forums/ForumSubscriptions.aspx

Sign In or Register to comment.