Author Topic: Transparent SSL proxy exclude list (Read 611 times)

bobbythomas · « **on:** July 16, 2017, 09:50:31 am »

Hi,

I have been trying to setup transparent ssl proxy on my Opnsense VM and I was able to do that successfully, but the problem is with the exclude list. I am unable to use certain banking websites and apps as it is getting filtered. I tried adding their domain into the exclude list, but I am having difficulty in identifying the correct domains, is it possible to analyze the SSL sessions so that I can Identify the domain and add it to the exclude list. Does the packet capture feature work well with transparent ssl proxy?

Thank you,
Regards,
Bobby Thomas

fabian · « **Reply #1 on:** July 16, 2017, 10:11:37 am »

I would suggest you to open the developer tools of your browser, open the network tab and reload the page. If you do that, you will see all HTTP requests done by the page. You should be able to find the domain names as well.

For example the OPNsense forum (using Firebug in Firefox) is in the attachment.

bobbythomas · « **Reply #2 on:** July 17, 2017, 04:16:26 pm »

Thank you Fabian for the suggestion, I was able to figure out domaiin details using the browser, but I am still having issuues with my Android banking app which shows network error. I believe it's pointing to some other domain and since I have to access it through the app it's failing. Any ideas? Do I need to perform a TCPdump or packet capture?

Thank you,
Regards,
Bobby Thomas

fabian · « **Reply #3 on:** July 17, 2017, 07:48:30 pm »

That's probably a good idea. You will have to capture port UDP/53 (DNS).

Author Topic: Transparent SSL proxy exclude list (Read 611 times)

bobbythomas

Transparent SSL proxy exclude list

fabian

Re: Transparent SSL proxy exclude list

bobbythomas

Re: Transparent SSL proxy exclude list

fabian

Re: Transparent SSL proxy exclude list