Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SWG Login - How to Log In to the Powershell Interactive login's

Go to solution
rfletcher
New Contributor III

‎05-24-2021 10:36 AM - last edited on ‎11-22-2022 05:29 AM by Community Manager

Has anyone had any issues with interactive login's executed via powershell when behind the Netskope SWG?

For example: when connecting to exchange online or any kind of Microsoft service via powershell you are typically prompted with a O365 login prompt but when behind SWG we get "New-ExoPSSession : An error occurred while sending the request.."

I found 2 work arounds 1) disabling the Netskope client and 2) custom app in the steering configuration to bypass login.microsoft.com when connecting via powershell.exe. I'm wondering if anyone else had experienced this or could think of another work around.

-Ryan
Labels:
0 Likes
1 ACCEPTED SOLUTION
Go to solution
sshiflett
Netskope
Netskope

‎05-24-2021 12:26 PM

Welcome to the Netskope community.  The likely reason for this is that many development tools such as Powershell don't trust the system certificate store for TLS inspection.   When you bypass Netskope by disabling the client or the certificate pinned application, you are no longer inspecting this traffic so it works.  There's usually two options for apps that don't trust the system certificate store:

1.  Bypass the application from inspection via a steering or TLS inspection bypass (easiest resolution but limits visibility)
2. Import the Netskope certificate into the application so it trusts the certificate or configure the application to trust the system certificate store. 

You've already performed the first step but if you'd like to have Powershell trust the system store, you can follow the instructions here:

https://support.netskope.com/hc/en-us/articles/360023228553


Sam Shiflett
Netskope Sales Engineer - North Florida

View solution in original post

2 REPLIES 2
Go to solution
sshiflett
Netskope
Netskope

‎05-24-2021 12:26 PM

Welcome to the Netskope community.  The likely reason for this is that many development tools such as Powershell don't trust the system certificate store for TLS inspection.   When you bypass Netskope by disabling the client or the certificate pinned application, you are no longer inspecting this traffic so it works.  There's usually two options for apps that don't trust the system certificate store:

1.  Bypass the application from inspection via a steering or TLS inspection bypass (easiest resolution but limits visibility)
2. Import the Netskope certificate into the application so it trusts the certificate or configure the application to trust the system certificate store. 

You've already performed the first step but if you'd like to have Powershell trust the system store, you can follow the instructions here:

https://support.netskope.com/hc/en-us/articles/360023228553


Sam Shiflett
Netskope Sales Engineer - North Florida
Go to solution
rfletcher
New Contributor III

‎05-25-2021 03:52 AM

That support article is what i really needed. Thank you!

-Ryan

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In