Create or edit a decrypted traffic mirror profile
Select Create New to open the Create Decrypted Traffic Mirror window. To change a decrypted traffic mirror profile, select a profile and then click Edit.
Configure the following settings in the Create Decrypted Traffic Mirror window or the Edit Decrypted Traffic Mirror window and then click OK:
| Name | Enter the name of the decrypted traffic mirror profile. |
| Destination MAC | Enter the destination MAC address for the mirrored traffic. |
| Decrypted Traffic Type | Select whether decrypted SSL traffic, decrypted SSH traffic, or both are mirrored. |
| Decrypted Traffic Source | Select whether decrypted client-side traffic, decrypted server-side traffic, or both are mirrored. |
| Interface | Select which interfaces will have decrypted traffic mirrored. |
| API Preview | The API Preview allows you to view all REST API requests being used by the page. You can make changes on the page that are reflected in the API request preview. This feature is not available if the user is logged in as an administrator that has read-only GUI permissions. |
To use the API Preview:
- Click API Preview. The API Preview pane opens, and the values for the fields are visible (data). If a new object is being created, the POST request is shown.
- Enable Show modified changes only to show the modified changes instead of the full configuration in the preview.
- Click Copy to Clipboard to copy the JSON code shown on the preview screen to the clipboard.
- Click Close to leave the preview.
To create a decrypted traffic mirror profile in the CLI:
config firewall decrypted-traffic-mirror
edit <name_of_profile>
set dstmac <destination_MAC_addresss>
set traffic-type {ssl | ssh}
set traffic-source {client | server | both}
set interface <interface_name>
next
end
For example:
config firewall decrypted-traffic-mirror
edit "1"
set dstmac ff:ff:ff:ff:ff:ff
set traffic-type ssl ssh
set traffic-source both
set interface "port1"
next
end