Hello all !
I have a personal FortiWifi 30E running 5.6.2 and I experienced some issues with Whatsapp. I have a policy that allow my local subnet to go outside using HTTP/HTPS/DNS and some other ICMP protocol. I installed a lot of firewall for some clients and never had this problem. Whatsapp is working but not normally. I have some delay (many minutes) when sending and receiving messages for example.
As workaround, I added 81 whatsapp address and put them into a address group, created a policy in front off others and disabled AV, IPS, APP and it is working. I even restricted traffic to specific ports used for whatsapp. All is working with this solution but I'm not very happy to use a static list of IP address.
do you have a better solution ? It could be fun if we can have "Whatsapp" as Internet Services.
Thank you in advance
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Do you normally have ssl cert inspection on? That has caused me issues in the past. Are you doing standard policy type or NGFW style?
Mike Pruett
Hello,
WhatsApp uses port 5222 and 443 for the regular messaging. I do not know how your policy is set up exactly, but if you only set up HTTP/HTTPS/DNS, you will need to add 5222 too. If you have been using the Application Control to whitelist WhatsApp, there's a signature update that will be released today. The protocol changed recently. Hope this helps.
HoMing
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1734 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.