KB Article | Forcepoint Support

Problem Description

Forcepoint Technical Support is now using Zoom for group remote sessions instead of the GoToMeeting products. If using a Websense Content Gateway(WCG) with SSL Decryption enabled, it may be necessary to add Zoom's information as a SSL Decryption Bypass to allow a remote session.
 

Resolution

Important For customers who have agreements with GoToMeeting and do not allow Zoom in their environment, the customer can send a GoToMeeting email request to the case for the technical support agent to join. This article explains troubleshooting steps for the primary way that Forcepoint Technical Support creates remote sessions.

In order to resolve this issue and allow Zoom through, follow the steps below.
  1. Log on to FSM (Forcepoint Security Manager).
  2. Click Scanning > bypass settings > Destination > Add.
  3. Add the following entries as URLs if not already present in the list:
    • tunnel11.zoom.us
    • redirector.gv11.com
    • meetingconnector.ip
    • meetingconnector.ip2
    • meetingconnector2.ip
    • meetingconnector2.ip2
    • zoom.crc
    • zopim.com
    • *.ny.zoomcrc.com  
    • ny.zoomcrc.com
    • *.sj.zoomcrc.com 
    • sj.zoomcrc.com
    • *.zoomgov.com 
    • zoomgov.com
    • *.zoom.us
    • zoom.us
    • www.google.com/recaptcha/api2
If bypassing SSL Decryption in the Forcepoint Security Manager does not enable Zoom, an alternative is to create an Incident (Tunnel) in Content Gateway instead.
Important If added as a bypass in SSL Incidents, these URLs will be allowed for all parties going through the Content Gateway, and no filtering will be applied.
  1. Log into the Content Gateway Manager.
  2. Navigate to Configure > SSL > Incidents > Add Website.
  3. Select By URL and the action to Tunnel.
  4. Add the entries from above, these steps will need to be repeated for each.
  5. Click Apply

Note If the following URLs above do not resolve the issue, you may have to add each of the IP addresses for Zoom to Configure > Networking > ARM > Static Bypass > Edit File on the Content Gateway Manager. These are located in the Zoom article mentioned below.

If these settings do not work, please refer to the Network Firewall or Proxy Server Settings for Zoom article for additional information regarding configuring network firewall or proxy settings.





Keywords:
bypass; ssl incident; tunnel; zoom; application; remote session; ssl decryption; websocket; web application; traversing proxy; wcg

Article Feedback



Thank you for the feedback and comments.