Recent WhatsApp Issue via Adamnet

Good morning.
The last few days WhatsApp pictures are not being downloaded anymore on devices that go through Adamnet. I have them on a variety of different rulesets, some white listing, some black listing.
Can any of the Adamnet Team find a proper fix for this as for now I’m just watching the traffic monitor and opening holes in my pfsense with the IPs that are being blocked, which seems to work good for some phones and not for others.

Hi I had the same issue I opened 2 ipaddress see pic that did work for me

Based on this article Facebook may have changed some of it’s IP’s that you might be missing in your enabler.

Your best bet would be to change from IP based Alias to URL based Alias. You can find out how to do this here.

Make sure to ONLY allow TCP port 443, 5222 and UDP 3478.
You will need to create 2 rules for this

Doesn’t seem to want to work even with this rule…:thinking:

Just tried it on my side and worked 100s for me.

Keep in mind this is for Pfsense users as shared by @williamhofer

Added this and

Works after that.

Must be missing some ips in the URL table.

Yes I could probably get it going with this, but now even the people in my No Internet category get to access whatsapp… There has to be a better solution then this.

Here is a solutions.

that solution does not work…any updates?

Hi Lynden,
Try this article: WhatsApp pfSense firewall rules for Android devices

that rule worked good for a couple days…but on may 15 i started getting complaints from users again that pictures weren’t downloading…so this rule needs an update…the part that I don’t get …WHY doesn’t adamnet show anything being blocked ? not in domain log or traffic log?

Hi Lynden_Waldner, additional firewall tweaks were made and recorded as per the new video link in the following article: pfSense firewall rules for WhatsApp on Android
This has worked for 100% of our managed Clients thus far.
As far as the traffic log not showing any blocked traffic, it could be an indication that a rule within pfSense itself is blocking traffic since they are upstream from the adam:ONE service itself. Just a thought.