Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
We'd love to hear about it! Click here to go to the product suggestion community
I have read a number of threads about how to make WhatsApp work for devices behind a UTM which all involve creating firewall rules.
Isn't making WhatsApp work through a UTM with Application Control enabled as simple as allowing the application?
In my experience the answer to my question above is 'not reliably'.
We have application control rules to allow the application to be used by devices on our WiFi networks for mobile devices but the user experience is poor.
At times messages are sent/received immediately, however at other times messages are delayed significantly sometimes only being passed hours after they were sent.
The usual giveaway is that the device displays a notification from the WhatsApp application (on Andriod devices) saying 'Checking for new messgaes'. This appears to be a sign that there are messages waiting to be delivered to the device. Messages that are composed and sent will have a clock symbol not get the first grey tick telling you that the message has reached the platform.
If you want the message to be allowed in or out it seems you are left with two options:
Which method should I be using if I want WhatsApp to work reliably? The idea of Application Control with it's granular application definitions appeals and seems a far better approach than using firewall rules to allow connections but if it doesn't work then why include it in the product?
Would be great if a Sophos staff member could provide some insight.
Otherwise I guess I'll just have to raise a support call.
All other views of course welcome ...
Typically, AppCtrl is used to block traffic. The only time an AppCtrl Allow rule makes sense is when it is an "exception" to a later Block rule.
The other thing that might help is #1 in Rulz (last updated 2019-04-17) - specifically to check the Intrusion Prevention log. Any luck there?
Cheers - Bob
In reply to BAlfson:
have a look at this thread: https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/42170/whatsapp-calls-blocked