WhatsApp Issue with Web Protection

Question

hello everyone 
 
 when ever i turn on web protection for a rule users who can use internet through this rule can use whatsapp application on there phones or web whatsapp 
 i tried to make a workaround for web whatsapp and created a top rule that allow access to web whatsapp and turned off web protection and that solved web whatsapp problem 
 now my problem is with the application it self it wont work until i turn off the web protection 
 although i made exception for it in the PROTECT>Web>Exceptions and checked the log viewer and it is all green and all http and https scan & Decrypt are turned off 
 is there any solution for this issue ? 
 thank you

Alexander Weinbacher · Accepted Answer

Hi guys, 
 
 That way i solved the problem of Whatsapp not working properly behind a Sophos UTM 9.x 
 
 1. READ UNTIL THE END!!! 
 2. Go to: NETWORK PROTECTION - FIREWALL 
 3. Add a new rule that looks like: from "Internal Network" - service "whatsapp" - to "any" 
 You drag and drop these three categories from the left side of the menu to the right side. "whatsapp" is a preconfigured setting provided by the Sophos UTM. 
 Save it, activate it. 
 I use the transparent proxy mode. Pharming protection enabled. 
 
 4. Add a new rule that looks like: from "Internal Network" - "TCP 5222, TCP 5223, UDP 3478" - to "any" 
 That rule was key for making my setup work completely. Without, only chat worked but calls only between devices on my LAN. 
 
 5. I&acute;v added this rule but I am not 100% sure if it is really necessary after 4.): 
 First, I did a static address mapping for my IOS devices as these are the only ones I use for Whatsapp video/ audio calls and chats. I want only my IOS devices being allowed to use Whatsapp so that no attacker from outside could get through to my NAS, printer or any other devices not intended to use Whatsapp. 
 Also, Whatsapp calls initiated from a device within my LAN should work to any other Whatsapp user, may he be on the web or in my LAN, too. 
 Therefor I added a new rule that looks like: from "Any" - "whatsapp" - to: <here I selected all my IOS devices that show up in the left selection menu> 
 
 6. ACTIVATE all these rules with the activation button!

Whatsapp chats via webbrowser from my PCs work. 
 Whatsapp chat now works fast, audio and video calls work from my IOS devices, too. 
 
 Good luck and my you save a lot of time that I had to put in... 
 BR Alex.

lferrara · Answer

M.Hegazy , 
 create a web exception with this urls: 
 ^([A-Za-z0-9.-]*\.)?whatsapp\.com ^([A-Za-z0-9.-]*\.)?whatsapp\.net ^([A-Za-z0-9.-]*\.)?50\.22\.19[2-9]\. ^([A-Za-z0-9.-]*\.)?50\.22\.2[0-5][0-5]\. 
 ^([A-Za-z0-9.-]*\.)?whatsapp\.net\.?/ 
 Here the image. In my case works. I use decrypt and scan on my XG. 
 
 Regards

Michael Ploch1 · Answer

I finally, after months, solved the issue: 
 
 Go to Web Protection -> Generall Settings -> HTTPS decryption and scanning and then UNCHECK "Block unrecognized SSL protocols" 
 Somewhere I read about Whatsapp using invalid SSL. Thats the point here. Wished my firewall had more clear logfiles. Impossible to work with the logfile to solve this. Thats the sad point. The lucky point is, it is working :) :) :) Finally! ;) 
 
 Works with pharming protection on, btw. And I dont need any exceptions. You can leave "Block invalid certificates" checked.

M.Hegazy · Answer

problem is finally solved 
 it was related to "Enable Pharming Protection" option in web protection 
 i had to diable it to get it work

M.Hegazy · Answer

hello 
 sorry for bringing this thread up again 
 i was able to solve the problem one more time by add each category i want to block in separate rule inside the web policy 
 once i did it the whatsapp application worked smoothly without delay 
 try to do the same and let us know 
 thanks

WhatsApp Issue with Web Protection

Top Replies