You need to exclude the LogMeIn123 application from HTTPS Decrypt and inspect, and Authentication. Although the LogMeIn123 URLs are part of the Remote Desktop category, you need to add them to a custom category so as not to affect operations of similar applications.
When configuring security protocol, we recommend that you allow the LogMeIn123 URLs to ensure that a connection to all components of LogMeIn123 is permissible (updating the application, communicating status events such as when online, offline, and so on). The client-to-host connection uses peer-to-peer connections, encrypted within a 256-bit AES tunnel. The services themselves communicate using port 443 (HTTPS/SSL), so no additional ports need to be opened within a firewall.
Procedure
-
Create a custom category for the following URLs:
- logmein.com
- logmeinrescue.com
- logmeinrescue-enterprise.com
- logme.in
- hamachi.cc
- internapcdn.net
- LogMeIn123.com
- 123rescue.com
- support.me
- join.me
- cub.by
- cubby.com
- apprep.smartscreen.microsoft.com
- secure.logmeinrescue.com
- login.microsoftonline.com
- symcb.com
- Create a do not inspect HTTPS inspection policy with this custom category:
- Who: "Everyone, or the relevant user or groups to apply this policy to."
- What: "The custom category that you created."
- Where: "Everywhere, or the relevant location to apply this policy to."
- When: "Always, or the relevant time slot to apply this policy to."
- Action: "Do not inspect"
- Create an authentication exception with this custom category, see our help topic, Creating authentication exceptions:
- Category: "The category you created."
- Make sure that you have a transparent HTTPS for the interface processing LogMeIn123 traffic with this setting, see Creating authentication policies:
-
What: Configure the options that you want but make sure that Behavior is set to this:
- Behavior: "Allow Transparent HTTPS incompatible sites and filter others using name from certificate."
-
What: Configure the options that you want but make sure that Behavior is set to this: