This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Alan-Heleno
Explorer
‎2022-05-03 12:01 PM

WhatsApp Web

After updating a member of the cluster from R80.30 to R80.40 take 156, ~the~WhatsApp Web access using browsers stopped working. It doesn't load the QRCode.

I added the regex \.whatsapp\.com and \.whatsapp\.net in the appControl, and the QRCode loaded, but reading this code with WhatsApp on smartphone, the browser informs that the computer is disconnected.

The same regex added in HTTPS Inspection, enabling bypass, solves the issue.

Is this a known problem in the R80.40 version? Does anybody else have this problem? Is there any solution to this problem, except bypass and regex (high CPU consumption)?

Thank you.

Preview file
9 KB
0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee
‎2022-05-03 05:47 PM

If it's reproducible please raise it with TAC for investigation so they can compare the behavior & perform the necessary analysis.

Note similar has been discussed here previously but not in the context of an upgrade, please refer:

https://community.checkpoint.com/t5/Security-Gateways/Block-WhatsApp-Uploads-Downloads/m-p/143992 

CCSM R77/R80/ELITE
0 Kudos
Alan-Heleno
Explorer
‎2022-05-05 12:43 PM
In response to Chris_Atkinson

Hi Chris, how are you?

I'm suspecting a malfunction of https inspection. As has always been a delicate feature of Check Point, I'm reviewing the rules, looking for a possible resolution.
I thought it was something at the general level of the R80.40 version.
If I manage to solve it, I'll write it here for everyone.
Thanks.

0 Kudos
Sorin_Gogean
Advisor
‎2022-05-05 10:36 PM
In response to Alan-Heleno

Hello Alan,

 

I'm a bit confused, trying to understand your problem :).

So in 80.30 with HTTPS Inspection enabled, and no bypass for the WhatsApp , all was good.

Now in 80.40 you get the data/webpage on the client, but the QR is invalid.

If you skip/bypass the WhatApp in the HTTPS Inspection (R80.40) all works fine.

- did you tried to compare -the QR picture- between those 2, I doubt it that they will differ based on your HTTPS inspection as the picture is already generated, but you never know.

 

PS: in some documents, checkpoint recommends not to use regexp due to CPU intensive processes, maybe you can better use SNI matching to categories - see TIP 17 from <https://community.checkpoint.com/t5/General-Topics/R81-Top-25-Gateway-Tuning-Tips/m-p/66380>  

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    Virtual

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Thu 25 Apr 2024 @ 10:00 AM (CEST)

    The Anatomy of a Cloud Hack by NotSoSecure - EMEA Session

    Thu 25 Apr 2024 @ 06:00 PM (IDT)

    The Anatomy of a Cloud Hack by NotSoSecure - America Session
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82
    Virtual

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap
    Virtual

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap
    Virtual

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    Virtual

    Thu 02 May 2024 @ 04:00 PM (CEST)

    CheckMates Live DACH - Keine Kompromisse - Sicheres SD-WAN
    Virtual

    Thu 02 May 2024 @ 05:00 PM (CEST)

    SASE Masters: Deploying Harmony SASE for a 6,000-Strong Workforce in a Single Weekend
    CheckMates Events