Telegram Messenger Not Connecting When Any Web Policy is Active

Question

Original post here got locked: Telegram Messenger Not Connecting When Any Web Policy is Active 
 Application classification on or off makes no difference. 
 I've tried adding web filter exceptions for ^([A-Za-z0-9.-]*\.)?telegram\.com/ ^([A-Za-z0-9.-]*\.)?telegram\.org/ ^([A-Za-z0-9.-]*\.)?web\.tel\.onl/ 
 but that hasn't helped either. 
 If I set the Web Policy to anything other than "None", Telegram fails to connect. Even the default "Allow All" policy prevents it from connecting. 
 I've tried with both web proxy and DPI engine as well. Neither one makes any difference. 
 I see nothing in the logs being blocked. 
 Also of interest is Telegram on Windows desktop is not being blocked. It seems to only be the iOS version that's having issues.

alan weir · Answer

Have you checked the following things: 
 That you have decryption bypassed/disabled for iOS devices if "inspect HTTP and decrypted HTTPS" and/or " Decrypt HTTPS during web proxy filtering" is enabled in the firewall rule that allows the iOS device? 
 That in the TLS/SSL Inspection Rules, you are not attempting to "Decrypt" iOS device in the settings. 
 Check your firewall logs and "SSL/TLS Inspection" logs for Blocked Insecure SSL/TLS 
 A quick google search for Telegram states it uses it's own encryption called MTProto, so my guess is the firewall is blocking insecure encryption when web filter is on.

Telegram uses a custom build symmetric encryption scheme called MTProto. The protocol was developed by Nikolai Durov and other developers at Telegram and is based on 256-bit symmetric AES encryption, 2048-bit RSA encryption and Diffie&ndash;Hellman key exchange.

Telegram Messenger Not Connecting When Any Web Policy is Active

Top Replies