Description

This article describes how to resolve the problem of not being able to send/receive images and documents on WhatsApp.

Scope

FortiGate.

Solution

If an application Control profile is used in the policy, ensure that all the WhatsApp signatures are set to 'Allow':

Note: 

In this case, SSL deep inspection is required in the policy.

CLI configuration:

config application list
    edit "Allow_WhatsApp"
        config entries
            edit 1
                set application "28057" "37371" "40698" "39999" "49971" "49970" 
                set action pass
            end
         end

If a WebFilter profile is used in the policy, verify if the below URLs are allowed (this example is based on the requirement to block 'Instant Messaging' and 'Web Chat' categories and allow only WhatsApp traffic):

CLI configuration:

config webfilter profile
    edit "Allow_WhatsApp"
        config web
            set urlfilter-table 1
        end
 
config webfilter urlfilter
    edit 1
        set name "Auto-webfilter-urlfilter_zj9stazr3"
            config entries
                edit 1
                    set url "*.whatsapp.com"
                    set type wildcard
                next
                    edit 2
                        set url "media-sof1-1.cdn.whatsapp.net/*"
                        set type wildcard
                    next

        end

end