Solved

SWG Login - How to Log In to the Powershell Interactive login's


Badge +12

Has anyone had any issues with interactive login's executed via powershell when behind the Netskope SWG?

For example: when connecting to exchange online or any kind of Microsoft service via powershell you are typically prompted with a O365 login prompt but when behind SWG we get "New-ExoPSSession : An error occurred while sending the request.."

I found 2 work arounds 1) disabling the Netskope client and 2) custom app in the steering configuration to bypass login.microsoft.com when connecting via powershell.exe. I'm wondering if anyone else had experienced this or could think of another work around.

icon

Best answer by sshiflett 24 May 2021, 21:26

View original

2 replies

Userlevel 6
Badge +16

Welcome to the Netskope community.  The likely reason for this is that many development tools such as Powershell don't trust the system certificate store for TLS inspection.   When you bypass Netskope by disabling the client or the certificate pinned application, you are no longer inspecting this traffic so it works.  There's usually two options for apps that don't trust the system certificate store:

1.  Bypass the application from inspection via a steering or TLS inspection bypass (easiest resolution but limits visibility)
2. Import the Netskope certificate into the application so it trusts the certificate or configure the application to trust the system certificate store. 

You've already performed the first step but if you'd like to have Powershell trust the system store, you can follow the instructions here:

https://support.netskope.com/hc/en-us/articles/360023228553

Badge +12

That support article is what i really needed. Thank you!

Reply