Allow Teamviewer in Web Protection

Are you doing https inspection?  I have this exception.   Do not remember when or why I created it:

• Description: "Work around Teamviewer SSL handshake Bug"
• Action:  Skip SSL Scanning and Refer to Sandstorm
• For target domains ^https?://(?:[A-Za-z0-9-]+\.)+teamviewer\.com/?

I also have a Country Blocking override for port TCP 5938.  If you are using Standard Mode web, you might need 5938 in the Allowed Target Services list

(Web Protection... Filtering Options... Misc (tab)

Unfortunately I have this rule form before ...

• Description: "Work around Teamviewer SSL handshake Bug"
• Action:  Skip SSL Scanning and Refer to Sandstorm
• For target domains ^https?://(?:[A-Za-z0-9-]+\.)+teamviewer\.com/?

Country blocking is not used, and outgoing ports are not blocked. If I turn off web filtering, TV works. Nothing touched, working for a long time, just stopped working a month ago. Will try to contact support ... very strange.

Did you made any progress?
I got a similar problem and it seems the proxy detection doesn't work well.

Best

Alex

Unfortunately no progress. It was working for a long time ( with exceptions configured ), and it stopped suddenly. I will have to involve support. If I turn off web protection, it’s working.

Same here. We do have a GPO to force TeamViewer Client to use https by default and manual proxy w/o user.

At Web Protection, we do have RegEx for *.Teamviewer.* for any in port 80 & 443.

At Network Protection, we do have rules, allowing ping3.teamviewer.com and master1 to 16.teamviewer.com Wirth 80, 443 and the 5... mentioned above.

Did worked until this or last week.

No logs in Web Protection, but drops to IPs at Network Protection which are not covered by known hostnames of Teamviewer.

Maybe they have changed there hostnames and/or IPs.

Same here. We do have a GPO to force TeamViewer Client to use https by default and manual proxy w/o user.

At Web Protection, we do have RegEx for *.Teamviewer.* for any in port 80 & 443.

At Network Protection, we do have rules, allowing ping3.teamviewer.com and master1 to 16.teamviewer.com Wirth 80, 443 and the 5... mentioned above.

Did worked until this or last week.

No logs in Web Protection, but drops to IPs at Network Protection which are not covered by known hostnames of Teamviewer.

Maybe they have changed there hostnames and/or IPs.

Maybe related to the attacks they are getting at the moment.

Monitoring - We were able to resolve the server load issue. TeamViewer services should be up and running normally again for most of our users. We will continue to monitor all systems in order to ensure mitigation is complete. We would like to apologize for any inconvenience experienced by our users.

Jul 24, 17:54 CEST

Update - The implementation of today’s precautionary measure resulted in a very high server load. A larger group of users are currently experiencing service degradation. We are working to resolve the issue and get our systems up and running normally as soon as possible. We would like to apologize for any inconvenience experienced by our users.

Jul 24, 16:09 CEST

Identified - Based on global cooperation against malicious cyber activities, TeamViewer’s team and leading security researchers perform regular threat prevention analysis to identify inconsistent or suspicious behaviour within and beyond its network. In this context, in-depth data analysis revealed patterns of connection attempts that deviated from expected usage scenarios of TeamViewer. As this observation was limited to a small subgroup of endpoints, TeamViewer decided to invalidate and automatically re-assign unique identifiers (TeamViewer IDs) within this subgroup.

The precautionary measure has successfully been rolled out to full effect. For a short period of time, some users may experience service degradation, which will be resolved as soon as possible.

Jul 24, 14:49 CEST

They probably changed something on their side, as you said, I too see no errors in log etc. Are we two alone in this ? Anyone else using web protection and have problems with TV ?