Note: This knowledge base article has been written using information provided by LogMeIn support.
This article shows you how to allow GoTo Services to work through a Smoothwall.
GoTo services, such as GoToMeeting, have trouble connecting whilst going through your Smoothwall with HTTPS inspection in use.
A category has been released for GoTo Services, putting this into a Do Not Inspect policy, as well as configuring your firewall correctly should allow the GoTo Software suite to work as expected.
Add this category to a Do Not Inspect policy, see our help topic, Creating HTTPS inspection policies:
- Go to Guardian > HTTPS Inspection > Manage policies and create a policy using the configuration shown below:
- Who: Everyone*
- What: GoTo Software
- Where: Everywhere*
- When: Always*
- Action: Do Not inspect*
* Change Who, Where, When, and Action as appropriate.
- Click Confirm, review the new policy settings and click Save.
Note: Make sure your Do Not Inspect policy is above other HTTPS inspection policies.
You will also have to make sure that the interface being used Allows transparent HTTPS incompatible sites and filter others using name from certificate.
SIP Network Application Helper will need to be turned on in Network > Settings > Advanced. In the Network application helpers section select SIP and click Save Changes.
Allow access through the following ports on your Firewall for GoTo products, see our help topic, Adding new Smoothwall Firewall rules:
- TCP ports:
- UDP ports
- Additionally, GoToMyPC, GoToAssist and GoToWebinar require TCP & UDP Port
1853and TCP Port
Go to Network > Firewall > Firewall rules and add a rule like the one shown below:
- Name: GoToSoftware
- Source IP addresses: As required*
- Inbound interfaces: As required*
- Destination IP addresses: As required*
- Outbound interfaces: As required*
- Create > New Service.
- Name: GoToSoftware,
- Protocol: TCP & UDP, Port:
- click Add Item.
- Create > New Service.
- Groups: As required*
- Action: Accepted
- Once you have completed the Firewall rule entry, click Save Changes.
- Next, add the SIP port to that firewall group:
- Go to: Network > Settings > Service object manager > GoToSoftware > Edit
- Add New Service: TCP :
5060and click Save Changes.
- Repeat these steps for the XMPP service manager object, adding the new service for TCP
Note: You will need to add a GoTo Software Suite category into a Web Proxy Authentication Exception by going to Web Proxy > Authentication > Exceptions and Add the GoTo Software Suite. See our help topic, .