Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
NunoAlves22
Explorer

Block WhatsApp - App &Url Filtering

Hi mates, i have a client that want's the filesharing and downloads from WhatsApp blocked and only allow text messages. I've created a rule blocking the Service WhatsApp Messenger-file transfer on the App & Url Filtering but it's not working, the user still can download files. I made a little research about it and i found this link : https://knowledge.broadcom.com/external/article/169299/block-photovideo-files-upload-transfer.html where they identify the domains which WhatsApp uses to download files. i Created the objects manually but still...doesn't work. Did anyone manage to make this work? or something similar? 

 

Regards 

David Pinto 

0 Kudos
7 Replies
Vincent_Bacher
Advisor

Didn't know that there is an application called WA filetransfer. 😳

Anyway

As WA is encrypted between endpoints, I don't believe that what you want to achieve is feasible. 

and now to something completely different
PhoneBoy
Admin
Admin

What version/JHF level?
To block most HTTPS sites (which this surely is) you need to be on a fairly recent version (R80.30 with most recent JHF and above) for this to work correctly due to the use of SNI.

It looks like you’re using domain objects, which won’t work here for various reasons.
You probably want to use “Internet” in the destination field and define the relevant hosts as part of a Custom Application Sites.

0 Kudos
NunoAlves22
Explorer

Hi PhoneBoy the version i have at the moment is : Deployment Agent build: 2019  |  R80.30 take 200 . I'm going to try you suggestion and will give feedback. What Vincent_Bacher told before also makes sense and i already thought about it. Once the traffic is encrypted on WhatsApp i don't know if this is feasible, but the question is Checkpoint has the WhatsApp Messegenger File Transfer available has an App to allow or drop.  Regards

0 Kudos
the_rock
Leader
Leader

Thats interesting issue...Im trying to think logically here if there would be any application you can use for this, but sounds like you found the right one. I dont know if using custom url category would help here...question though...when customer has successful connection, what rule does it go through?

Andy

0 Kudos
_Val_
Admin
Admin

There is a built in application for WA file transfer, you do not have to re-invent the wheel. However, source and destinations seem wrong to me

0 Kudos
_Val_
Admin
Admin

Use of destinations as you are trying to do, will not work. Make sure you use Internet or Any for destination. The rule you have is not matching, that's your issue.

0 Kudos
_Val_
Admin
Admin

Also, triple check your HTTPSi is working

0 Kudos