Follow these steps:
- Connect with SmartDashboard to Security Management Server / Domain Management Server.
- Go to '
Application & URL Filtering' tab. (In R80.10, go to '
Manage & Settings > Blades > HTTPS Inspection'. )
- Expand '
- Expand '
- Click on '
At the bottom of the page, check the box '
Bypass HTTPS inspection of traffic to well known software update services (list is dynamically updated)'.
Important: This checkbox is located in a different place starting from R80.40. This setting is “on by default”, and the issue described in this article may occur, if someone turns it "off".
- Save the changes: go to '
File' menu - click on '
- Install the policy onto the relevant Security Gateway / Cluster object.
HTTPS Inspection Bypass List
Bypass HTTPS inspection of traffic to well-known software update services" is enabled, the update services listed below (this is the canonical list) will be bypassed. As the domains for these services may change, the links to these update services are dynamically updated on the Security Gateway:
- Check Point updates
- Microsoft updates
- VMware updates
- Mozilla updates
- Java updates
- Adobe updates
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.