Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
4737
Views
5
Helpful
7
Replies

skype and whatsapp are not working through firepower

Samer R. Saleem
Level 4
Level 4

‎12-13-2017 05:35 AM - edited ‎02-21-2020 06:57 AM

Hi,

 

i have rule configured to allow traffic to some applications like :Viber, Skype, Whatsapp

 

Viber is working good, Skype no and whatsapp also not working....

i have added all the available applications that appears when searching the filter list for skype and whatsapp

can anyone help?

thanks

 

Labels:
0 Helpful
7 Replies 7

mikael.lahtela
Level 4
Level 4

‎12-13-2017 09:48 AM

Hi,

I think you need to provide us how you are configuring the rules and also what platform/software you are running?

br, Micke
0 Helpful

Samer R. Saleem
Level 4
Level 4
In response to mikael.lahtela

‎12-13-2017 09:56 AM - edited ‎12-13-2017 09:58 AM

Hi,

 

this is the rule, AD user permitted for applications in the list SKYPE whatsapp,...etc

im using Firepower over ASA5512-X, version is 6.2

Apps on firepower.JPG

0 Helpful

mikael.lahtela
Level 4
Level 4
In response to Samer R. Saleem

‎12-13-2017 10:10 AM

Do you get block logs in connection events and if so what do the look like?

br, Micke
0 Helpful

Samer R. Saleem
Level 4
Level 4
In response to mikael.lahtela

‎12-13-2017 09:54 PM - edited ‎12-13-2017 09:57 PM

 

the action is block please check attached.

 

Logs.JPG

0 Helpful

mikael.lahtela
Level 4
Level 4
In response to Samer R. Saleem

‎12-15-2017 03:36 AM

Ok, so you have block on all "Skype tunneling"?
If you look in the table view och connection events, can you see what rule the application is blocked on?
Can you do a packet-trace from and post that here?
Is the Skype Tunneling included in the rule?

br, Micke
0 Helpful

Samer R. Saleem
Level 4
Level 4
In response to mikael.lahtela

‎12-16-2017 04:07 AM - edited ‎12-17-2017 01:56 AM

Hi,

 

i have added the skype tunneling, but still the same, and the thing is i noticed the initiator user shows unknown in the connection events, while im trying to filter based on username...

after checking i found my AD user agent domain is not matching with realm configs for AD primary domain

i have changed both to be matching now but still the user is not showing, while its showing in user activity list...

 checking some websites, it seems to be a bug in Firepower, I'm using v6.2.0.2

 

any idea how to solve this issue?

 

0 Helpful

mikael.lahtela
Level 4
Level 4
In response to Samer R. Saleem

‎12-22-2017 04:19 AM

ok, to get rule hit all the variables configured in the rule must match.
So if you have a rule that is defined as allow, source network, application and user you need to get match on all three of the parameters for the rule to work.
Sounds like you have some kind of issue with the AD user agent, guess you need to try to figure out what the problem is with that.
If the configuration looks correct and it's still not working I would sudgest to contact Cisco TAC.
Here is some links, some of the information might be old:
https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118131-technote-sourcefire-00.html

https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118674-technote-useragent-00.html

https://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118159-troubleshoot-firesite-00.html

br, Micke
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top