SSL Man In the Middle Filtering blocking slack bbm skype
-
Hi. I enabled SSL Man In the Middle Filtering to have https sites blocked in my pfsense squid proxy server settings. I included "slack.com" to the domains to be whitelisted. I did also put other related urls for slack such as slack-files.com, slack-edge.com, slack-msgs.com etc. into our whitelist target settings, as mentioned to what was suggested in the slack help page. But slack still retries to connect.
I am able to access and login to slack.com via browser and app, but after signing in, the retrying to connect issue pops up. this type of issue also happens to bbm.com and skype.com. It seems that it is blocking personal messaging of messenger type apps. I hope I can find help how to resolve this issue.
Hoping you can help or share insights on how we can make this worked.
-
If I am not mistaken, Squid Proxy server does not seem to allow persistent websocket traffic, that is why slack that uses webSockets, a persistent, always-open connection don't seem to work.
Anyone had the same issue? kindly share how did you fixed it.. -
Hi, I am also facing the same issue did got the fix for the same?, if yes please share that solution.. :)
-
perhaps you could try to use the 'bypass' instead of the whitelist
-
Yes, I already Tried, that is the another terrible problem i faced when i am troubleshooting when i am adding slack-core.com URL to the bypass the webfiltering is completely stopping The SquidGuard won't blocks URLs anymore.
-
@kirbyandlouie if you got the solution please share.
-
Sorry babujayaraj, I haven't found a solution on this. I am also waiting for inputs..
-
I have same problem, not work websocket connection on 443.
Web site https://web.whatsapp.com/ not load all parts…I tested also with http://websocketstest.com/, this are results:
-
Still facing this issue till now after upgrading to pfsense ver. 2.4.0-RELEASE. I hope they'll be able to address this, if anyone was able to make this work kindly please share what you did..
-
Also encountering the issue. Decided to just let go and set SSL/MITM Mode to Splice All for now..