Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 1045 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

zoom application restart in firewall network. works better in non-firewall network

Sophos User6508

HI All

Currently i am facing a issue with zoom application. This happens my xg210 firewall all of sudden rebooted to factory default condition and then restore to old backup. but after this incident my zoom application reboot automatically during the meeting ( joining or hosting). We do face some issue with office 365 installation and email  issue but that has been resolved by loading web exception files ( got the files from https://support.sophos.com/support/s/article/KB-000038173?language=en_US). After this office 365 issues has been resolved.

I do remember last year sophos has same file available for zoom application also. if some one has those file can share with me.

regards

Mahesh



This thread was automatically locked due to age.
  • 0

    Hi Mahesh and welcome to the Sophos Community!

    You posted in the UTM Community, so I moved this thread to the Sophos Firewall (XG) Community.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    Hello ,

    Thank you for reaching out to the community, how many number of users were live when the issue occurred ?
    Is DoS Protection enabled ? Have you enabled the flooding on the UDP protocol ?
    What is the current firmware on the appliance ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • +1

    Hi,

    this all I use for zoom meetings = a web exception with all boxes ticked

    ^([A-Za-z0-9.-]*\.)?zoom\.us/

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    zoom requires special ports to be open outbound, not only 443. But  this should have been migrated by your config restore. Did it work before? Maybe you need to adopt recent changes in the zoom ip ranges to your FW rules. support.zoom.us/.../201362683-Zoom-network-firewall-or-proxy-server-settings

  • 0 in reply to LHerzog

    Correct, I forgot to include this, my services entry for zoom,

    TCP (1:65535) / (8801:8802), UDP (1:65535) / (3478:3479), UDP (1:65535) / (8801:8802)

    Ian

    XG115W - v19.5.1 mr-1 - Home

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to LHerzog

    Yes, it was working very well from last one year. due to unknown reason my firewall restore to factory default settings. Upon restore from backup we are facing hell of zoom problems. Lat year we got some web exception file with tag required, minimum, full. these files are uploadble to firewall directly and create lot of web exceptions whihc we can switch on and off as per our need. BUt this time these files are not available any where on the net. If you are using office 365 - web exception files are available for office 365 on sophos database.

  • 0 in reply to Vivek Jagad

    Yes, DoS protection and UDP Flooding is enable. current firmware is SFOS 18.5.4 MR-4-Build418

  • 0 in reply to Sophos User6508

    zoom is our main conferencing app so we have some experience with it.

    you need to check IPS / UDP flood also. Also if there are other firewalls involved upstream. Zoom hates flood protection - their audio and video is UDP and has high rates of packets. Turn it off for UDP (1:65535) / (3478:3479), UDP (1:65535) / (8801:8802) - either to any or to the Zoom IP ranges only. Remember, you need also flood exceptions for inbound packets from thise zoom networks, not only outgoing.

    Also we were never lucky with web exceptions only.

    Our Zoom firewall rule exists of over hundred destination network objects. Of course you could allow those ports to any destination - but this is a little bit more insecure.

    TLS and Webfiltering: off

    Destination zones
    • WAN
    Destination networks
    • SRV-EXT-zoom.us
    • SRV-EXT-zoomsvr.us
    • NET-EXT-Zoom_3.7.35.0/25
    • NET-EXT-Zoom_3.21.137.128/25
    • NET-EXT-Zoom_3.22.11.0/24
    • NET-EXT-Zoom_3.23.93.0/24
    • NET-EXT-Zoom_3.25.41.128/25
    • NET-EXT-Zoom_3.25.42.0/25
    • NET-EXT-Zoom_3.25.49.0/24
    • NET-EXT-Zoom_3.80.20.128/25
    • NET-EXT-Zoom_3.96.19.0/24
    • NET-EXT-Zoom_3.101.32.128/25
    • NET-EXT-Zoom_3.101.52.0/25
    • NET-EXT-Zoom_3.104.34.128/25
    • NET-EXT-Zoom_3.120.121.0/25
    • NET-EXT-Zoom_3.127.194.128/25
    • NET-EXT-Zoom_3.208.72.0/25
    • NET-EXT-Zoom_3.211.241.0/25
    • NET-EXT-Zoom_3.235.69.0/25
    • NET-EXT-Zoom_3.235.82.0/23
    • NET-EXT-Zoom_3.235.71.128/25
    • NET-EXT-Zoom_3.235.72.128/25
    • NET-EXT-Zoom_3.235.73.0/25
    • NET-EXT-Zoom_3.235.96.0/23
    • NET-EXT-Zoom_4.34.125.128/25
    • NET-EXT-Zoom_4.35.64.128/25
    • NET-EXT-Zoom_8.5.128.0/23
    • NET-EXT-Zoom_13.52.6.128/25
    • NET-EXT-Zoom_13.52.146.0/25
    • NET-EXT-Zoom_18.157.88.0/24
    • NET-EXT-Zoom_18.205.93.128/25
    • NET-EXT-Zoom_50.239.202.0/23
    • NET-EXT-Zoom_50.239.204.0/24
    • NET-EXT-Zoom_52.61.100.128/25
    • NET-EXT-Zoom_52.202.62.192/26
    • NET-EXT-Zoom_52.215.168.0/25
    • NET-EXT-Zoom_64.125.62.0/24
    • NET-EXT-Zoom_64.211.144.0/24
    • NET-EXT-Zoom_65.39.152.0/24
    • NET-EXT-Zoom_69.174.57.0/24
    • NET-EXT-Zoom_69.174.108.0/22
    • NET-EXT-Zoom_99.79.20.0/25
    • NET-EXT-Zoom_103.122.166.0/23
    • NET-EXT-Zoom_206.247.0.0/16
    • NET-EXT-Zoom_111.33.181.0/25
    • NET-EXT-Zoom_115.110.154.192/26
    • NET-EXT-Zoom_115.114.56.192/26
    • NET-EXT-Zoom_115.114.115.0/26
    • NET-EXT-Zoom_115.114.131.0/26
    • NET-EXT-Zoom_120.29.148.0/24
    • NET-EXT-Zoom_140.238.128.0/24
    • NET-EXT-Zoom_147.124.96.0/19
    • NET-EXT-Zoom_149.137.0.0/17
    • NET-EXT-Zoom_152.67.20.0/24
    • NET-EXT-Zoom_152.67.118.0/24
    • NET-EXT-Zoom_152.67.180.0/24
    • NET-EXT-Zoom_158.101.64.0/24
    • NET-EXT-Zoom_160.1.56.128/25
    • NET-EXT-Zoom_18.64.171.246/32
    • NET-EXT-Zoom_161.199.136.0/22
    • NET-EXT-Zoom_162.12.232.0/22
    • NET-EXT-Zoom_162.255.36.0/22
    • NET-EXT-Zoom_165.254.88.0/23
    • NET-EXT-Zoom_168.138.16.0/22
    • NET-EXT-Zoom_168.138.48.0/24
    • NET-EXT-Zoom_168.138.72.0/24
    • NET-EXT-Zoom_168.138.244.0/24
    • NET-EXT-Zoom_173.231.80.0/20
    • NET-EXT-Zoom_192.204.12.0/22
    • NET-EXT-Zoom_193.122.32.0/20
    • NET-EXT-Zoom_193.123.0.0/19
    • NET-EXT-Zoom_193.123.40.0/21
    • NET-EXT-Zoom_193.123.128.0/19
    • NET-EXT-Zoom_198.251.128.0/17
    • NET-EXT-Zoom_202.177.207.128/27
    • NET-EXT-Zoom_204.80.104.0/21
    • NET-EXT-Zoom_204.141.28.0/22
    • NET-EXT-Zoom_207.226.132.0/24
    • NET-EXT-Zoom_209.9.211.0/24
    • NET-EXT-Zoom_209.9.215.0/24
    • NET-EXT-Zoom_213.19.144.0/24
    • NET-EXT-Zoom_213.19.153.0/24
    • NET-EXT-Zoom_213.244.140.0/24
    • NET-EXT-Zoom_221.122.88.64/27
    • NET-EXT-Zoom_221.122.88.128/25
    • NET-EXT-Zoom_221.122.89.128/25
    • NET-EXT-Zoom_221.123.139.192/27
    • NET-EXT-Zoom_101.36.167.0/24
    • NET-EXT-Zoom_111.33.115.0/25
    • NET-EXT-Zoom_129.151.0.0/19
    • NET-EXT-Zoom_129.159.0.0/20
    • NET-EXT-Zoom_130.61.164.0/22
    • NET-EXT-Zoom_134.224.0.0/16
    • NET-EXT-Zoom_140.238.232.0/22
    • NET-EXT-Zoom_144.195.0.0/16
    • NET-EXT-Zoom_152.67.168.0/22
    • NET-EXT-Zoom_152.67.184.0/22
    • NET-EXT-Zoom_152.67.240.0/21
    • NET-EXT-Zoom_168.138.56.0/21
    • NET-EXT-Zoom_168.138.96.0/22
    • NET-EXT-Zoom_168.138.116.0/22
    • NET-EXT-Zoom_170.114.0.0/16
    • NET-EXT-Zoom_193.122.208.0/20
    • NET-EXT-Zoom_193.122.224.0/20
    • NET-EXT-Zoom_193.122.240.0/20
    • NET-EXT-Zoom_193.123.168.0/21
    • NET-EXT-Zoom_193.123.192.0/19
    • NET-EXT-Zoom_168.138.74.0/25
    • NET-EXT-Zoom_129.151.40.0/22
    • NET-EXT-Zoom_129.151.48.0/20
    • NET-EXT-Zoom_129.159.160.0/19
    • NET-EXT-Zoom_129.159.208.0/20
    • NET-EXT-Zoom_158.101.184.0/22
    • NET-EXT-Zoom_168.138.80.0/21
    • NET-EXT-Zoom_152.70.224.0/21
    • NET-EXT-Zoom_156.45.0.0/17
    • NET-EXT-Zoom_150.230.224.0/21
    • NET-EXT-Zoom_193.122.16.0/20
    • NET-EXT-Zoom_20.203.158.80/28
    • NET-EXT-Zoom_20.203.190.192/26
    • NET-EXT-Zoom_166.108.64.0/18
    • NET-EXT-Zoom_64.224.32.0/19
    • NET-EXT-Zoom_18.64.173.240/32
    • NET-EXT-Zoom_18.64.179.243/32

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML