[Forcepoint] [WCG] Sites and application that have issues with Websense Proxy

Modified on Mon, 21 Jan, 2019 at 4:30 PM

Application: 
Skype

Solution: 
In order to get Skype working via Proxy, we will need to force it to use TCP to allow us to tunnel it via the WCG. Configuration is done both server side and client side
Server Side:
     Go to WCG > Configure > Protocols > HTTPS
     Tunnel Skype: Enabled
Client Side:
     Edit the attached .reg file with the correct proxy address and then apply it on the client computer then restart Skype.




Application: 
Google Drive App


Solution:
Edit the shortcut for the Google Drive and add the switch at the end:

Change "C:\Program Files\Google\Drive\googledrivesync.exe" to "C:\Program Files\Google\Drive\googledrivesync.exe" --unsafe_network


Open a command prompt and navigate to the folder where Google Drive is installed.

At a prompt, run googledrivesync.exe --unsafe_network


You can also push out a registry entry change if Drive Sync is auto starting   

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\GoogleDriveSync].


Add the value --unsafe_network after the quote as shown below.    

"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" --unsafe_network /autostart




Application: 
Dropbox


Solution:
To enable support for DropBox, you will need to filter the application from authentication to the WCG.
On the WCG, go to Configure > Security > Access Control
Under Filtering, click Edit File and add the following rule:

     Rule Type:                        Allow
     Primary Destination Type:  dest_domain
     Primary Destination Value: dropbox.com 

     Click Apply twice, and restart the proxy for the settings to take effect.




Application: 
WhatsApp Web


Solution:
To enable WhatsApp web to work correctly you need to enable the "Web Chat" category and add the following URL to the SSL Decryption Bypass:

*.web.whatsapp.com




Application: 
Spotify (Web & Player)


Solution:
To enable spotify to work, the following URLs need to be added to the SSL Decryption Bypass:

*.spotify.com
*.wg.spotify.com




Application: 
Python & pip


Solution:
To enable Python's PIP service to work correctly, the following URLs need to be added to the SSL Decryption Bypass:

files.pythonhosted.org
pypi.org


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article