HOW TO: Unblock Ring doorbell app when Sophos XG is using SSL/TLS decryption

Question

Hi 
 In case it helps anyone trying to use the Ring doorbell App behind an XG when SSL/TLS decryption is enabled, you will need to a custom SSL/TLS inspection rule. 
 Ports used by the Ring device are here: The Protocols and Ports Used by Ring Devices &ndash; Ring Help 
 Add a new Service (Hosts & Services / Services / Add) which includes TCP ports 9998, 9999, 15063 and 15064. 
 Add a new SSL/TLS inspection rule to "Top" (Rules and Policies / SSL/TLS inspection rules / Add). 
 Action: Don't decrypt 
 Source zones: as required 
 Destination zones: WAN 
 Services: your new Service 
 
 RING will not tell you the destination URLs or IP addresses used by their apps. Not helpful.

emmosophos · Answer

Hello Jeremy, 
 Thank you for your contribution to the Community! 
 ""In case it helps anyone trying to use the Ring doorbell App behind an XG when SSL/TLS decryption is enabled, you will need to a custom SSL/TLS inspection rule. 
 Ports used by the Ring device are here: The Protocols and Ports Used by Ring Devices &ndash; Ring Help 
 Add a new Service (Hosts & Services / Services / Add) which includes TCP ports 9998, 9999, 15063 and 15064. 
 Add a new SSL/TLS inspection rule to "Top" (Rules and Policies / SSL/TLS inspection rules / Add). 
 Action: Don't decrypt 
 Source zones: as required 
 Destination zones: WAN 
 Services: your new Service""

HOW TO: Unblock Ring doorbell app when Sophos XG is using SSL/TLS decryption

Top Replies