cancel
Showing results for 
Search instead for 
Did you mean: 
theravan
Level 9

Allow GoToMeeting, Webex and GoToMyPC

I have WG7x.  How do I allow GoToMeeting, Webex and GoToMyPC type application thru the WG?

0 Kudos
13 Replies
feeeds
Level 9

Re: Allow GoToMeeting, Webex and GoToMyPC

Was this question ever answered, or does someone have a good way to troubleshoot these issue. We are testing WG7 and run into issues with all webex type site.

0 Kudos
imtrying
Level 10

Re: Allow GoToMeeting, Webex and GoToMyPC

I had this issue with gotomypc.com.  I finally open a ticket for support and had to provide them a feedback file and tcpdump of failure.  There answer was to whitelist the ip?  Seemed to work, although we took the approach of placing those machines on a public drop to protect the network from remote access.

Message was edited by: imtrying on 12/14/11 1:35:20 PM CST
0 Kudos
alexott
Level 11

Re: Allow GoToMeeting, Webex and GoToMyPC

Hello

What kind of problem do you have with them? Connection is stuck or something else?

0 Kudos
feeeds
Level 9

Re: Allow GoToMeeting, Webex and GoToMyPC

The sites timing out would be the biggest issue. There are so many flavors of webex these days that adding them be source IP would be time consuming.

0 Kudos
alexott
Level 11

Re: Allow GoToMeeting, Webex and GoToMyPC

In the 7.1.6 there is new functionality - Streaming detector, I think that it could help you

0 Kudos
theravan
Level 9

Re: Allow GoToMeeting, Webex and GoToMyPC

Here is what I did.  Added a rule under "Authenticate and Authorize" called "Auth Bypass".  Rule Criteria "URL.Host" matches in list "Auth Bypass URL Hosts".

Then added *gotoassist.com, *gotomeeting.com, *.webex.com.

This seems to work.

I am also thinking about adding these sites to the list "Response URL Host Without Path Whitelist" under  "Handle Special Sites".

0 Kudos
musaleem
Level 7

Re: Allow GoToMeeting, Webex and GoToMyPC

When using Web Gateway's HTTPS proxy with SSL scanning enabled, the client cannot establish a connection with GoToMeeting.com, GoToAssist.com, and other CitrixOnline sites. Also, the test client available for CitrixOnline customers sometimes fails. Bypassing the SSL scanner for CitrixOnline.com, GoToAssist.com, and/or GoToMeeting.com is not an effective solution.

https://kc.mcafee.com/corporate/index?page=content&id=KB65836&actp=LIST

please follow the KB, i had same issue with my Web gateway 7.0, its working fine now after doing the changes mentioned in the KB.

0 Kudos

Re: Allow GoToMeeting, Webex and GoToMyPC

We have the same issue as the user: imtrying. Is there a way to get these sites to work and block the remote access feature? During the WG7 training, the trainer mentioned that the only way he could think of a solution for this was a reverse engineer of the traffic and block the remote access connection attempt at a byte level.

Does McAfee have a ruleset on this and can a solution be provided? Multiple large organization could benefit from this... The KB article mentioned by musaleem includes a bypass/exception in both solution.

0 Kudos
McAfee Employee

Re: Allow GoToMeeting, Webex and GoToMyPC

Hi Richard,

You could use the rules found in the links below, then enable SSL scanning for them, that is the functionality in MWG that breaks the remote access part (because its not actually HTTP within the SSL tunnel).

ftp://ftp.support.securecomputing.com/outgoing/webex-list.txt

ftp://ftp.support.securecomputing.com/outgoing/citrix-list.txt

These rulesets allow it, but the same concept could be done to enable ssl scanning.

~Jon

0 Kudos