This seems like it should be straightforward; but I'm calling on the experts to help!
I've got a user trying to get onto our captive-portal-protected guest network. He's running into issues verifying the HTTPS page's certificate. I believe it has to do with his client not being able to get to an OCSP address. I'd like to see what's getting blocked by the PEF, but I'm not sure the best way to go about it. I've used the WebUI before, but that's not the greatest method; you have to check it at just the right time to catch the problem in action. Surely there must be a way to get better detail via the CLI... ("There is...and stop calling me Shirley")
So experts, how do you troubleshoot PEF blocks quickly? I have an AirWave that I'm not sure how to use either, if that helps.
Thanks!