|1861 / KB-78||Guardian||All|
The Logmein123 application reports errors
You will need to exclude the Logmein123 application from HTTPS Decrypt and inspect, and Authentication.
Although the Logmein URLs are part of the Remote Desktop category, you need to add them to a custom category so as not to affect operations of similar applications.
When configuring security protocol, it is recommended to allow the LogMeIn URLs to ensure that a connection to all components of LogMeIn is permissible (updating the application, communicating status events such as when online, offline, and so on). The client-to-host connection uses peer-to-peer connections, encrypted within a 256-bit AES tunnel. The services themselves communicate using port 443 (HTTPS/SSL), so no additional ports need to be opened within a firewall.
- Create a custom category with the following URLs:
logmein.com— LogMeIn's main site
logmeinrescue.com— Powers the LogMeIn Rescue service
logmeinrescue-enterprise.com— Powers account specific Rescue features (not needed on normal accounts)
logme.in— LogMeIn common login service allowing login to
hamachi.cc— Powers the LogMeIn Hamachi service
internapcdn.net— Powers updates to multiple LogMeIn products.
LogMeIn123.com— Site used to connect to a LogMeIn Rescue technician
123rescue.com— Site used to connect to a LogMeIn Rescue technician
support.me— Site used to connect to a LogMeIn Rescue technician
join.me— LogMeIn's screen sharing service
cub.by— Redirects back to Cubby services
cubby.com— LogMeIn's cloud storage and syncing service
If you have a transparent authentication policy (in Web proxy > Authentication > Manage policies) for the interface processing LogMeIn traffic, add the following changes:
- Behavior — Allow Transparent HTTPS incompatible sites and filter others using name from certificate
else create a new transparent authentication policy, on the relevant interface, containing the above.
|Last updated:||Author:||Contributions by:|
|27th February 2017||