Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ahernandez_FTNT
Staff
Staff

Created on ‎11-30-2015 06:04 AM

Article Id 195035

Technical Note: Avoiding file transfer issues with WhatsApp when SSL Deep Inspection is applied

Description

When SSL “Full Inspection” is applied in the firewall policies for internal user’s traffic, users may report issues to transfer files/pictures using WhatsApp.


Solution

The best solution is creating a firewall policy on top allowing access to traffic with “WhatsApp” IP addresses as destination. This can be applied following the next steps:

1)      1) Copy the content of the attached script

2)      2) Paste it in the FortiGate CLI

3)      3) Verify that one address-group named “WhatsApp_grp” has been created in the FortiGate

           Untitled.jpg

4)     4) Create a firewall policy (over general policies) from Internal -> WAN with source IP “ALL” and destination “WhatsApp_grp” without applying SSL inspection.   

           NovemberKB(2).jpg

5)     5) Verify WhatsApp works properly after the changes.


whatsapp script.txt
Preview file
6 KB
Labels:
18490
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.