Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 13 replies
  • Answers 1 answer
  • Subscribers 42 subscribers
  • Views 6154 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG Home edition and Battle.net

David Clark1

Moved to Sophos XG from a Fortigate, all seems to work OK but the battle.net client. It won't connect. Disbaled SSL inspection, no change. Created a new rule for the PC, disabled all inspection, IPS and the like and put rule at top, issue still remains.

I see in the logs it hitting the rule, so it's using it.

Change my gateway to old Fortigate IP and battle.net client connects.

It's something on Sophos, but logs look OK, and allow all traffic.....any thoughts?



This thread was automatically locked due to age.
Parents
  • 0

    the neverending story with sophos generally.

    horror with microsoft exceptions, also many other programms.

    for blizzard / battlenet I have the following urls in exceptions configured:

    ^([a-zA-Z0-9.-]*\.)?origin-[A-Za-z]\.akamaihd\.net/

    ^([a-zA-Z0-9.-]*\.)?eaassets([0-9])*-[A-Za-z]\.akamaihd\.net/

    ^([a-zA-Z0-9.-]*\.)?akamaihd\.net/

    ^([a-zA-Z0-9.-]*\.)?blizzard\.com/

    ^([a-zA-Z0-9.-]*\.)?blzddist1-a.akamaihd\.net/

    ^([a-zA-Z0-9.-]*\.)?battle\.net/

  • 0 in reply to nd

    Hi,

    what exceptions did you apply? Are you using the Web proxy?

    Please post a copy of your rule.

    When reviewing logviewer did you see all of the exceptions listed? What ports have you listed?

    Ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0 in reply to nd

    Hi,

    what exceptions did you apply? Are you using the Web proxy?

    Please post a copy of your rule.

    When reviewing logviewer did you see all of the exceptions listed? What ports have you listed?

    Ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Children
  • 0 in reply to rfcat_vk

     A list of ports you need in your rule also battle.net will not work with SSL/TLS even with exception.

    Blizzard Battle.net Ports Needed to Run
    TCP Port: 80, 443, 1119, 1120, 3074, 3724, 4000, 6112-6120, 27014-27050
    UDP Port: 80, 443, 1119, 1120, 3478-3479, 3724, 4000, 4379-4380, 5060, 5062, 6112-6119, 6250, 27000-27031, 27036, 12000-64000

    Ian

    XG115W - v20.0.3 MR-3 - on holiday

    XGS118 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    i am switching at the moment from utm to xg. actually i perepare and configure the new xg appliance, the utm still runs.

    in utm it was sufficient to configure the exceptions under web filter.

    does this apply to xg?

Unfiltered HTML