This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allowing images in Whatsapp messages

I have a UTM running version 9.351-3.   Web Protection is set up to allow Whatsapp messaging.  However, users are still prevented from viewing images shared via whatsapp when Web Protection is enabled.  Application Control allowing Whatsapp does not seem to help.  It looks like Whatsapp uses directly referenced IP addresses instead of URLs along with non-SSL data on SSL ports, and the address is different with every request, so manually allowing specific addresses in Web Protection will not work.  The images work when Web Protection is disabled, so there are not firewall issues outside of Web Protection.  

Here is the error from Web Protection log:

2015:11:15-10:01:33 proxy-fw httpproxy[5283]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0xee20000" function="is_server_certificate_valid" file="ssl.c" line="760" message="Unable to get peer certificate"

2015:11:15-10:01:33 proxy-fw httpproxy[5283]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="" srcip="172.16.200.18" dstip="184.173.161.163" user="" ad_domain="" statuscode="502" cached="0" profile="REF_HttProFamilDefau (Family Default)" filteraction="REF_HttCffDefauUserFilte (Default User Filter)" size="0" request="0xee20000" url="https://184.173.161.163/" referer="" error="Failed to verify server certificate" authtime="0" dnstime="4" cattime="0" avscantime="0" fullreqtime="101709" device="0" auth="0" ua="" exceptions=""

Is there a known setting for UTM Web Protection to allow users to download images to view in Whatsapp?

Thanks,

---H



This thread was automatically locked due to age.
Parents
  • This probably was resolved a while back, but here's my two cents.

    Try adding both of these domains to a filter exception. The .net domain did it for me as far as pictures go. Might want to narrow it down more if possible.

    ^https?://[A-Za-z0-9.-]*\.whatsapp\.com\.?/
    ^https?://[A-Za-z0-9.-]*\.whatsapp\.net\.?/

Reply
  • This probably was resolved a while back, but here's my two cents.

    Try adding both of these domains to a filter exception. The .net domain did it for me as far as pictures go. Might want to narrow it down more if possible.

    ^https?://[A-Za-z0-9.-]*\.whatsapp\.com\.?/
    ^https?://[A-Za-z0-9.-]*\.whatsapp\.net\.?/

Children