Exclude urls/ips/domainpattern from SSL Scan not working (whatsapp)

Hi,

How could I exclude URLs/IPs like *.whatsapp.* or 50.22.19.0/24 from SSL scanning?

All excludes in the "HTTPS Scanning Exceptions" seem not to work - just tried with this IP.

https://198.23.87.74

Only Image transfer is not working with SSL Scan enabled.

Jens



  • Workaround for WhatsApp because you can't use masks/patterns:

    Download the WhatsApp CIDR list: www.whatsapp.com/cidr.txt

    Expand all networks to full IPs:

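    # Collect every expanded network in one list (a ">" inside the loop would overwrite it on each pass)
    while read -r p; do
      prips "$p"
    done < cidr.txt > longiplist.txt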

    Split the list into 2 lists with fewer than 2000 IPs each and create 2 new "Web Categories":
    Protection > Web Protection > Web Categories

    WhatsApp-Part1-IPs, WhatsApp-Part2-IPs

    Exclude these 2 "Web Categories" in the "Web Content Filter" configuration - "HTTPS Scanning Exceptions"
    Protection > Web Protection > Web Content Filter -> HTTPS Scanning Exceptions

    That's it.
    But only access directly to the IPs is now excluded from the HTTPS scanning engine.
    https://www.whatsapp.com still goes through the SSL proxy.

    Not a solution - but a first workaround

    Jens
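
The expand-and-split steps from the workaround above as one script. This is an added example, not part of the original post: it goes a little beyond the post by expanding the networks in plain shell arithmetic instead of `prips` and by removing duplicate addresses, and the function names, output file prefix and sample ranges are assumptions.

```sh
#!/bin/sh
# Added example: expand a CIDR list and cut it into files below a per-list limit.
# IPv4 only; IPv6 entries are skipped. Output file names are assumptions.

# Dotted quad -> integer. The ( ) body runs in a subshell, so IFS stays local.
ip2int() (
  IFS=.
  set -- $1
  echo "$(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))"
)

# Integer -> dotted quad.
int2ip() {
  echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print every address of one CIDR block (or a bare IP), network and
# broadcast included, one per line. Host bits in the input are masked off.
expand_cidr() (
  net=${1%/*}; bits=${1#*/}
  [ "$net" = "$1" ] && bits=32
  case $bits in ''|*[!0-9]*) exit 1 ;; esac
  [ "$bits" -le 32 ] || exit 1
  size=$(( 1 << (32 - bits) ))
  base=$(( $(ip2int "$net") & ~(size - 1) ))
  i=0
  while [ "$i" -lt "$size" ]; do
    int2ip $(( base + i ))
    i=$(( i + 1 ))
  done
)

# build_lists CIDR_FILE OUT_PREFIX [MAX]
# Expands every IPv4 entry, removes duplicates, and writes OUT_PREFIXaa,
# OUT_PREFIXab, ... with at most MAX addresses each (default 1999).
build_lists() (
  while IFS= read -r line || [ -n "$line" ]; do
    line=$(printf '%s' "${line%%#*}" | tr -d '[:space:]')
    [ -z "$line" ] && continue
    case $line in *:*) continue ;; esac          # IPv6 entry: skip
    expand_cidr "$line" || echo "skipped: $line" >&2
  done < "$1" | sort -u | split -l "${3:-1999}" - "$2"
)

# Constructed sample input (documentation ranges, not the WhatsApp list).
demo=$(mktemp -d)
printf '%s\n' '192.0.2.0/30' '198.51.100.7' '203.0.113.0/24' > "$demo/cidr.txt"
build_lists "$demo/cidr.txt" "$demo/WhatsApp-Part-" 200
wc -l "$demo"/WhatsApp-Part-*
```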