Forum Discussion
Peter_chan
Nimbostratus
NimbostratusHow to bypass the similar domain in SSL Orchestrator
How to configure the SSL Orchestrator to bypass the same domain like "login.skype.com", "api.asm.skype.com".
I have try to configured the ".*skype.com" and "*.skype.com" but no use.
Piotrek_72347Nimbostratus
Nimbostratusplease go to:
SSL Orchestrator>Configuration and Polices.
next editing your policy go to > Destination setting and for > Address Destination.
choose DBB - For DDB (Dynamic Domain Bypass), the Destination you configure contains one or more DNS domain names (unique or wildcard) against which the destination hostname indicated by the client in TLS SNI is matched. This mode is special because it classifies traffic before the SSL Orchestrator implementation attempts any TLS handshake with the remote server (that is, in Match Phase Pre-handshake). You may use DDB to whitelist and bypass traffic to servers which cause TLS handshake problems or that require TLS mutual (client-certificate/smart- card) authentication. For DDB, the Service Chain value you select must be Bypass or Reject.