This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Websockets Fails When SSL Decrypt and Scan Enabled

We have access a website that utilises websockets.  The website uses Twilio, which in turn seems to use websockets.  We have SSL Decrypt and Scan turned on (in transparent mode) and the Twilio Network test (https://networktest.twilio.com/) fails when enabled.  When disabled globally, the test passes.

I've tried adding in exceptions to disable SSL Scanning and also added IP addresses and domains into the Skip Transparent Mode Destination Host/Networks but it still fails.

Is it possible to bypass SSL Decrypt and Scan for websockets?



This thread was automatically locked due to age.
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to Sophos Community!


    We have tested accessing URL:networktest.twilio.com/ in our lab environment with 'Decrypt and scan' and found that while performing the diagnostics to WebSocket, it requests on 'chunderw-vpc-gll.twilio.com' URL.

    Please add URL exception for 'chunderw-vpc-gll.twilio.com' with HTTP Scannning checks under Web Protection > Filtering Options > Exception.



    Kindly try to follow above steps and share your observation.

  • If Yash' suggestion didn't sort your problem, please show us related lines from the Web Filtering log.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA