New Sophos Support Phone Numbers in Effect July 1st, 2023

Telegram Messenger Not Connecting When Any Web Policy is Active

Original post here got locked:  Telegram Messenger Not Connecting When Any Web Policy is Active 

Application classification on or off makes no difference.

I've tried adding web filter exceptions for

but that hasn't helped either.

If I set the Web Policy to anything other than "None", Telegram fails to connect. Even the default "Allow All" policy prevents it from connecting.

I've tried with both web proxy and DPI engine as well. Neither one makes any difference.

I see nothing in the logs being blocked.

Also of interest is Telegram on Windows desktop is not being blocked. It seems to only be the iOS version that's having issues.

Added TAGs
[edited by: Erick Jan at 12:47 AM (GMT -7) on 29 May 2023]
  • What functions in the exception have you enabled?


    XG115W - v19.5.2 mr-2 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • Have you checked the following things:

    That you have decryption bypassed/disabled for iOS devices if "inspect HTTP and decrypted HTTPS" and/or "Decrypt HTTPS during web proxy filtering" is enabled in the firewall rule that allows the iOS device?

    That in the TLS/SSL Inspection Rules, you are not attempting to "Decrypt" iOS device in the settings.

    Check your firewall logs and "SSL/TLS Inspection" logs for Blocked Insecure SSL/TLS

    A quick google search for Telegram states it uses it's own encryption called MTProto, so my guess is the firewall is blocking insecure encryption when web filter is on.

    Telegram uses a custom build symmetric encryption scheme called MTProto. The protocol was developed by Nikolai Durov and other developers at Telegram and is based on 256-bit symmetric AES encryption, 2048-bit RSA encryption and Diffie–Hellman key exchange.