hello everyone
when ever i turn on web protection for a rule users who can use internet through this rule can use whatsapp application on there phones or web whatsapp
i tried to make a workaround for web whatsapp and created a top rule that allow access to web whatsapp and turned off web protection and that solved web whatsapp problem
now my problem is with the application it self it wont work until i turn off the web protection
although i made exception for it in the PROTECT>Web>Exceptions and checked the log viewer and it is all green and all http and https scan & Decrypt are turned off
is there any solution for this issue ?
thank you
M.Hegazy,
create a web exception with this urls:
^([A-Za-z0-9.-]*\.)?whatsapp\.com^([A-Za-z0-9.-]*\.)?whatsapp\.net^([A-Za-z0-9.-]*\.)?50\.22\.19[2-9]\.^([A-Za-z0-9.-]*\.)?50\.22\.2[0-5][0-5]\.
^([A-Za…
^([A-Za-z0-9.-]*\.)?whatsapp\.net\.?/
Here the image. In my case works. I use decrypt and scan on my XG.
Regards
Hi
i solved whatsapp application issue yesterday
i dont use "Any" as service
the problem solved when i added whatsapp application ports and both of them were working till this morning
but couple hours ago the QR code came to the surface again
any idea why this strange behavior from the firewall??
I already did, but solely this does not help.
Die try it with your Suggestion in web filtering and have to see how it behaves now. Debugging is pretty difficult since log files do not point it out clearly...
Hey Michael, just wanted you to have your application policy with the Whatsapp rule in conjunction with the web policy setting i mentioned. That's what worked for me.
This is the web policy i mentioned.
make sure video and voice are on top of the web policy and all actions are allowed. and then make sure your application filter has all the Whatsapp criteria allowed.
Yep, i Had allow all in web Policy ans added your rule in Addition. I Always had the Applikation rule running.
Will geht Back to you once either the Error occurs again or it worked for some days...
ok, that did not last long...
I had the same delay some hours ago. Messages just aren't sent without delay, if I switch to mobile data on smartphone, message is sent immediately. If I keep staying in my wifi, there is a delay about 2 minutes... more or less...
As a last step I try to deactivate all firewall policies for that device and disable pharming protection.
If problem although occurs, I would say it is not a Sophos issue, is it? Whats your opinon? What else could it be? Do you see any else options how I could debug my issue?
Thanks a lot, Michael
Hi,
Try reviewing the DNS settings on the failing device.
Ian
it is the firewall als dns and my providers dns servers.
what else can I review here? normal webbrowsing and everything else works like a charm...
Hey Michael, was going through my rules and forgot that i have specified my services for my general rule and within the services i created a whatsapp service of ports that whatsapp uses.
so for my general rule i allow https, smtp..etc
Good point about the ports. https://www.quora.com/What-is-the-port-number-for-whatsapp
If that is not it, then:
Well after testing it, it was the pharming protection
I disable it and all went well, I have applied all my web and application rules again and all working fine till this moment...
So, few days later, just to be sure thats a problem in my sophos I deactivated all firewall filters and pharming protection. Just had "scan http " option active. I never had the HTTPS scan option active. Do not need that at the moment. First have to get it working without that option to lower complexity.
What shall I say, it just worked!
As a next step I will reactivate setting by setting and see what happens. I will start with activating pharming protection and will see.
I hop to drill down the problem within the next days. Depending on where it stucks, I will try to implement the ideas of the community I have heard so far..
Thank you in advance, Michael
Waiting to see your results.
okay, five days have passed and I did not have any problems with pharming protection on... Now brave enough to turn on intrusion preventien for my firewall rule and see whats happening. getting back to you...