Hello, I have a FortiGate device running on version 7.2.7 in proxy-based mode. I noticed that despite some users having WhatsApp allowed in their respective policies, they are unable to perform file transfers intermittently. While some users can occasionally perform transfers, others cannot, even though they are subject to the same policy. Upon reviewing logs, I observed that some users get stuck at the "File_Transfer" stage while others do not, despite being under the same rule. This situation has left me confused, and I would appreciate your insights. Thank you.
Hello @N_W ,
Can you add the signature "WhatsApp_Web_File.Upload" and "WhatsApp_File.Transfer" to your app control profile? In my opinion, sometimes FortiGate misses some package about upload. Because of that, some users can send files via WhatsApp some users can't.
I think it will work once you do this.
Hello, thank you for getting back. Since I'm using NGFW MODE: Proxy-based, I don't have Application Control in my Security Profile. So, when writing rules, only the Application comes under the Service, and unfortunately, nothing other than WhatsApp and WhatsApp_Web appears there. Just to let you know. Have a good day
Created on 03-15-2024 01:44 AM Edited on 03-15-2024 01:45 AM
Hello @N_W,
You are right, cannot add these signatures directly to the policy. But you can create an application group in the "Policy&Object->Application" menu with these signatures.
After that configuration, you can use this group in the policy.
Thank you very much for your interest and attention. I followed your advice as you suggested. Now, I am awaiting the results. However, I have a question regarding WhatsApp file uploads. It requires SSL deep inspection, but the security profiles section doesn't have the deep inspection option. Moreover, since end users connect via their phones, even if there were such an option, I wouldn't be able to install the certificate on their devices. I considered implementing DNS filtering, but I suspect that might not suffice. Perhaps I'm missing some crucial information. Thank you for your response and for dedicating your valuable time. Regards.
Hello @N_W ,
You're welcome I hope I solved your problem.
In NGFW policy mode, you can configure ssl-inspection rule in "Policy&Object -> SSL-Inspection & Authentication" menu.
But if your client just connects with a mobile phone. You don't need to configure ssl-inspection. SSL inspection is just required for WhatsApp Web.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.