Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 18 replies
  • Answers 1 answer
  • Subscribers 29 subscribers
  • Views 4806 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allowing Whatsapp Calls in Sophos XG

Christiaan du plessis

Hi all.

I'm running Sophos XG Home Edition (SFOS 19.0.0 GA-Build317).

 Whatsapp Calls are being blocked,

I have no Web Policy or Application Control being used by Firewall rule.

Any services are allowed from LAN to WAN.

Can't see that anything is blocked in the Log viewer.

Have also tried to add a web Exception matching these URL's:

^([A-Za-z0-9.-]*\.)?50\.22\.19[2-9]\.
^([A-Za-z0-9.-]*\.)?50\.22\.2[0-5][0-5]\.
^([A-Za-z0-9.-]*\.)?whatsapp\.com.?/
^([A-Za-z0-9.-]*\.)?whatsapp\.net.?/
Allowed Voice & Video Calls under Web Policies,
added and allowed Whatsapp under Application filter and
used it in the firewall rule.  
 
None of the above allows me to make Whatsapp calls, all other 
Whatsapp services seem to work, except for calls.
Any assistance would be appreciated.


This thread was automatically locked due to age.
Parents
  • +1

    Hi Christiaan du plessis

    you can confirm with drop packet capture 

    console>drop-packet-capture 'host <source or destination IP>

    suspecting issue from ISP router

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    This is what I found:

    messageid="01001" log_type="Firewall" log_component="Invalid Traffic" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="N/A" fw_rule_name="" fw_rule_section="" nat_rule_id="0" nat_rule_name="" policy_type="0" sdwan_profile_id_request="0" sdwan_profile_name_request="" sdwan_profile_id_reply="0" sdwan_profile_name_reply="" gw_id_request="0" gw_name_request="" gw_id_reply="0" gw_name_reply="" sdwan_route_id_request="0" sdwan_route_name_request="" sdwan_route_id_reply="0" sdwan_route_name_reply="" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" vlan_id="" ether_type="IPv4 (0x0800)" bridge_name="" bridge_display_name="" in_interface="Port1" in_display_interface="Port1" out_interface="" out_display_interface="" src_mac="b8:d7:af:86:b0:a5" dst_mac="" src_ip="192.168.1.234" src_country="R1" dst_ip="149.154.167.92" dst_country="GBR" protocol="TCP" src_port="33128" dst_port="5222" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="Invalid packet." appresolvedby="Signature" app_is_cloud="0" log_occurrence="1" flags="0"

  • 0 in reply to Christiaan du plessis

    Hi  Christiaan du plessis 

    As per the logs firewall rule as well as NAT rule is not getting detected 

     fw_rule_id="N/A" fw_rule_name="" fw_rule_section="" nat_rule_id="0" 

    Please to go MONITOR & ANALYZE-->Diagnostics-->Packet Capture and click on Configured and add "host 192.168.1.234" and start the packet capture from GUI too to check firewall rule id and NAT applied 

    Please share the snapshot for firewall rule and NAT rule you have configured 

    Thanks and Regards 

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Christiaan du plessis

    Hi  Christiaan du plessis 

    For Testing purposes created a firewall rule for source IP to bypass from Sophos as per the below snapshot 

    Click on Create linked NAT rule on same firewall rule to keep the NAT on TOP  

    And check the packet capture again 

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Bharat J

    Hi Bharat J

    Thank you, will try that.

  • 0 in reply to Christiaan du plessis

    This is with the Bypass FW and NAT rule as you recommended.

Reply Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?