Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
when ever i turn on web protection for a rule users who can use internet through this rule can use whatsapp application on there phones or web whatsapp
i tried to make a workaround for web whatsapp and created a top rule that allow access to web whatsapp and turned off web protection and that solved web whatsapp problem
now my problem is with the application it self it wont work until i turn off the web protection
although i made exception for it in the PROTECT>Web>Exceptions and checked the log viewer and it is all green and all http and https scan & Decrypt are turned off
is there any solution for this issue ?
create a web exception with this urls:
Here the image. In my case works. I use decrypt and scan on my XG.
In reply to lferrara:
thank you for your reply
i did exception as yours but unfortunately still not working
i tried it without http scan and https decrypt option in the firewall rule
the strange thing is it was working before
it`s just stopped working
i have added two more experision to your regex and now it is working for me
now the QR code load without any problem
one down and one to go ..
still have whatsapp phone application issue
i will update once i fix it
i solved whatsapp application issue yesterday
i dont use "Any" as service
the problem solved when i added whatsapp application ports and both of them were working till this morning
but couple hours ago the QR code came to the surface again
any idea why this strange behavior from the firewall??
In reply to M.Hegazy:
problem is finally solved
it was related to "Enable Pharming Protection" option in web protection
i had to diable it to get it work
We had a similar problem with Snapchat, where it was connecting to an IP using a hostname that did not resolve (pharming protection tries to resolve again). We fixed it for unresolvable, but if an app actively lies about who it is connecting to....
One solution (IIRC) is if you can debug the underlying host and IP that it is failing on you can create a Host-to-IP mapping that overrides DNS. Then Pharming protection continues to work.
In reply to Michael Dunn:
Finally I managed to reply in that Forum .. my first Post here :) I have the same problem. could you please instruct me what to do? I am not sure what you are meaning with IIRC and ceate a host-to-ip-mapping that overrides dns. where / how do I do it?
Could you provide me some help? Would be greateful!
Is it in DNS section or Hosts&Services?
Thank you all
Hey guys, also had this issue and after adding the exception list i still did not work. i turned off pharming protection and still did not work. I finally got it to work by going into the web policy and adding a rule with the category voice and video calls and allowing it. Also move the rule to the top of the list as the web policy reads like a ACL. Also i have pharming protection enabled. I am running a 125 with 17.1.1 firmware. Hope this helps.
In reply to Michael Ploch1:
thank you for response.
as soon as I disable the pharming protection, things seem to work. Indeed for me it is whatsapp starting to delay extremely once I enable pharming protection again.
I am still testing. I will test both above ways (Christopher Moss and Michael Dunn). It will take some days because I have to await user feedback and check on my own! Will get back to you for sure.
Yes, I am running 17.1.1 MR-1
edit: had the wrong name in () above...
alright, today I had the same issue again, even with pharming protection disabled. I honestly thought that could be the right direction, but it is not. on the 5 day that already known delay in whatsapp occured again. sending is really delayed and if I would receive a message, whatsapp just tells me "you may have new messages".
so if I understand you correctly dns entry and pharming protection is not my way to go. now I will try activate pharming protection and try Christophers way. keep you updated.
what wonders me is, why sometimes whatsapp has that delay, and sometimes it works as usual.... i cannot find anything blocked in the firewall for that user, only allowed entries in the log around that time stamp...
Also Michael, i have Whatsapp allowed in my application filter. If you are using a application filter you might want to allow Whatsapp also.
In reply to Christopher Moss:
I already did, but solely this does not help.
Die try it with your Suggestion in web filtering and have to see how it behaves now. Debugging is pretty difficult since log files do not point it out clearly...
Hey Michael, just wanted you to have your application policy with the Whatsapp rule in conjunction with the web policy setting i mentioned. That's what worked for me.
This is the web policy i mentioned.
make sure video and voice are on top of the web policy and all actions are allowed. and then make sure your application filter has all the Whatsapp criteria allowed.
Yep, i Had allow all in web Policy ans added your rule in Addition. I Always had the Applikation rule running.
Will geht Back to you once either the Error occurs again or it worked for some days...