To Allow WhatsApp on an XG firewall
NOTE - Allowing WhatsApp enables users to send anything (text, pictures, documents, files etc) out of the network without there being any visibility of what has been sent due to the end to end encryption used by WhatsApp.
Please consider this from a safeguarding perspective.
Web>Exceptions
Create a new one as below:
Add Exception button
Name = WhatsApp
For web traffic matching these criteria:
Tick URL pattern matches, enter the following (one at a time) and click the + symbol after each entry:
Skip the selected checks or actions:
Tick HTTPS decryption
Tick Malware and content scanning
Tick Policy checks
Save
Ports may need to be opened for certain features of WhatsApp to work (or possibly for iPhone but not Android).
TCP - 5222:5223
UDP - 45395
TCP - 5242
TCP - 4244
UDP - 50300:59999
TCP - 5228
TCP - 50300:59999
UDP - 3478
Web>Exceptions
Create a new one as below:
Add Exception button
Name = WhatsApp
For web traffic matching these criteria:
Tick URL pattern matches, enter the following (one at a time) and click the + symbol after each entry:
^([A-Za-z0-9.-]*\.)?whatsapp\.com ^([A-Za-z0-9.-]*\.)?whatsapp\.net ^([A-Za-z0-9.-]*\.)?50\.22\.19[2-9]\. ^([A-Za-z0-9.-]*\.)?50\.22\.2[0-5][0-5]\. ^([A-Za-z0-9.-]*\.)?html5shiv\.googlecode\.com/ ^([A-Za-z0-9.-]*\.)?whatsappcdn\.appspot\.com/ ^([A-Za-z0-9.-]*\.)?code\.jquery\.com/ ^([A-Za-z0-9.-]*\.)?whatsapp\.mobi/Skip the selected checks or actions:
Tick HTTPS decryption
Tick Malware and content scanning
Tick Policy checks
Save
Ports may need to be opened for certain features of WhatsApp to work (or possibly for iPhone but not Android).
TCP - 5222:5223
UDP - 45395
TCP - 5242
TCP - 4244
UDP - 50300:59999
TCP - 5228
TCP - 50300:59999
UDP - 3478
No results found