03-10-2016 10:11 AM
Hello,
I'm trying to allow users to be able to send photo's with iMessage.
It's getting blocked due to policy however I would like to allow just the photo to be sent.
TCP_DENIED_SSL/403 0 POST https://p12-content.icloud.com:443/M184B68849E5AA0D8DEFF37E90C933887B4B372722FC2D76A7DFA5A8DB282A02C.C01USN00/authorizePut - NONE/- - BLOCK_WEBCAT_12-Elevated_Access_Policy-Corporate_Mobile_Devices-NONE-NONE-NONE-NONE <IW_osb,0.0,1,"-",-,-,-,-,"-",-,-,-,"-",-,-,"-","-",-,-,IW_osb,-,"-","-","iCloud","File Sharing","iCloud Photos","-",0.00,0,Local,"-","-"> - "IMTransferAgent/1000 CFNetwork/758.2.8 Darwin/15.0.0"
Is there a way for me to allow that "iCloud Photos" in a custom cat with regex? If so what would the regex be?
I've tried \iCloud\Photos but that didn't work.
Thanks
03-10-2016 02:34 PM
03-10-2016 04:31 PM
Yeah I don't want to allow all of the icloud domain or online storage and backup.
This is why I want to just allow the iphoto. Right now users cannot send or recieve pictures with their iphone while on the corporate wireless, they need to disconnect and go on LTE which I want to avoid.
03-10-2016 04:37 PM
You need to inspect the logs for iPhoto traffic that been blocked to see any similarity in the links (for example if they are all have wording of "authorizePut")
Then you can use that regex to allow only \.icloud\.com/.*authorizePut and block the all the domain
03-10-2016 04:40 PM
what about the "IMTransferAgent/ part of the log?
\.icloud\.com/.*IMTransferAgent
would that be a thing?
03-10-2016 04:43 PM
"IMTransferAgent/1000 CFNetwork/758.2.8 Darwin/15.0.0" in the log is the user agent used for the traffic.
You can not use it in the regex in the custom URL category.
If you allow based on user agent, you will be allowing all traffic from that user agent which you do not want to
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide