Meraki Community

Andrewww1

Hi all,

I don't know if anyone faced the same issue but when our PCs are connected with VPN to Secure Connect Whatsapp calls become unavailable, when we try to call someone Whatsapp keeps saying that it's trying to establish the connection but with no success. We have tried to do traffic steering for the required IPs for Whatsapp but keep facing the same issue. It only works if a person calls the pc from Smartphone, vice versa it doesn't work. If two PCs call each other it doesn't work if only one PC is connected with Secure Client. From umbrella perspective we have allowed everything and disabled any kind of security for testing purpose. Have you faced the same issue? Were you able to solve it?

Thanks for your help

KH

Hey @Andrewww1

Have you taken a packet capture by chance to ensure all IPs are passing/going through the tunnel properly? Many times some traffic isn't mentioned in the range that the vendor provides. I would take a PCAP while disconnected from the VPN and then while you are connected to compare. Alternatively, support should be able to assist you in doing so and I would recommend giving them a call if you aren't comfortable doing so yourself.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it

Andrewww1

Hi @KH ,

thanks for the reply, yes I have added both the IPs for VPN and non-VPN seen during pcap but it doesn't work. I have already contacted the support with a ticket but I posted here to know if someone has faced the same issue and was able to find a solution.

I would like to ask a question, I have done traffic steering for the IPs associated with WhatsApp, is it normal that I see logs for Firewall in Umbrella dashboard even if I am using traffic steering for those IPs?

Thanks

GreenMan

It depends what you mean by traffic steering. Do you mean that you configured WhatsApp to break out to the Internet locally? This would be part of the reason for running pcaps - does the traffic show within captures on an Internet or a VPN interface? If it sill shows in VPN - and you're getting matching FW logs in SC - you can be pretty sure that traffic is still being tunnelled, and you'd want to look at your local breakout config. Don't forget to consider traffic flowing in the opposite direction too, when reviewing the captures.

Andrewww1

Hi @GreenMan , yes I have done only traffic steering for Secure Connect Client VPN at the moment because the customer is OOO till the end of August (the problem is the same when the customer is in the office because the site is attached to Secure Connect). Yes I am constantly seeing traffic logs about FW in Umbrella for the IPs that I have added to traffic steering and the traffic is seen on VPN interface. I had a call with the Support but unable to explain why the traffic is present in the logs and they will update when they will investigate further.

One question about traffic steering, I have added a lot of subnet /24 associated with public IPs from both WhatApp and Facebook, is it correct? Attached you will find the configuration.

Gary_Geihsler1

Are you seeing this issue with users on remote access VPN or behind a Secure Connect protected site or both?

Andrewww1

Hi @Gary_Geihsler1 , seen on both even if I am using Traffic steering for the IPs seen in the pcap during a WhatsApp call

Meraki Community

Whatsapp call problem with Secure Connect Client VPN

Whatsapp call problem with Secure Connect Client VPN