This knowledge base article will talk about accessing WebEx when using the Umbrella Secure Web Gateway (SWG).
Cisco Webex Meeting is a web conferencing app which may have problems running on SWG depending on your Umbrella policy settings. Issues such as audio connection problems may occur. This article will go over how Umbrella should be configured.
Note: the domains and IP addresses (CIDR ranges) used by Webex are dynamic and can change without notice.
The current list of domains used by Webex can be found here:
The current list of CIDR ranges used by Webex can be found here:
- In the Umbrella dashboard --> Deployments --> Domain Management --> External Domains & IPs, add all Webex-related domains and IP address ranges and to the external domains & IPs list under Deployments, Configuration, Domain Management.
- If using Cloud Delivered Fire Wall (CDFW) tunnels, exempt the traffic related to Webex domains and IP addresses from entering the tunnels on your IPsec device.
Webex cannot function when this traffic is decrypted. Furthermore, with the inherent nature of Webex traffic, it is not recommended to send traffic be sent to SWG.
The attached files cidr_webex.csv and domains_webex.csv contain the Webex-related CIDR ranges and domain names as of April 2022, and can be uploaded into Umbrella.
- Add the IPs and domains for Webex to a relevant Umbrella "Allow" Destination List
- Add the Webex-related domains to a Selective Decryption List to ensure this traffic is not decrypted. (IP addresses by default are not decrypted and do not need to be added.)
What about using Application Settings to allow Webex?
Umbrella Application Settings works using domains only; it is unable to handle or process IP addresses. As a result, it will be unable to control the IP addresses used by Webex.