Overview
When using the Whatsapp messenger, the traffic might be dropped for no apparent reason. It may cause various issues with sent/received messages and downloading attachments both on mobile phones and web applications.
This article provides instructions on how to allow Whatsapp through Kerio Control Traffic Rules and Content Filter.
Important: if Whatsapp is delaying messages or frequently disconnects, please consider disabling a 3-way handshake by modifying configuration parameters.
Solution
Whatsapp uses TCP 443 (HTTPS) to pass the majority of the connection traffic but it also uses TCP 80 (HTTP). If the voice functionality is triggered, then ports 4244, 5222, 5223, 5228,50318, 59234, 5242 are used.
UDP Ports: 34784, 45395, 50318, 59234.
With strict firewall policies, these ports might be intercepted by Traffic Rules.
Moreover, in terms of HTTP/HTTPS content filtering, Whatsapp is usually transferring the data through web.whatsapp.com and privatestats.whatsapp.net. These URLs should be allowed by Content Rules.
- In Kerio Control administration, create a separate service for the necessary Whatsapp ports.
Protocol: TCP/UDP
Source port: Any
Destination port: 80,443,4244,5222,5223,5228,5242,34784,45395,50318,59234 - Create a traffic rule to allow Whatsapp services.
- Create a content rule for proper Whatsapp HTTP/HTTPS functioning.
Testing
Open Whatsapp mobile, desktop, or web app and verify all the functionality is working as intended.