Configuring the ProxySG to intercept Viber traffic
search cancel

Configuring the ProxySG to intercept Viber traffic


Article ID: 166348


Updated On:


ProxySG Software - SGOS


Viber is a voice over IP application. Unlike Skype, it has no proxy settings. This means it can only be sent to the proxy transparently. Some policies can restrict or allow Viber traffic when intercepted by the ProxySG


Viber uses the following ports:

  • TCP ports 5242 and 4244
  • UDP ports 5243, 7985 and 9785

Since the ProxySG can't intercept UDP traffic the UDP ports must be sent to the internet directly. This will need to be done on the device doing Policy Based Routing. 

The ProxySG does not understand Viber traffic but it can intercept it, apply some basic Allow or Deny policy and forward the traffic to the internet.

In order to intercept Viber traffic, you can enter these commands in the Command Line Console:

#configure terminal
tcp-tunnel Viber_Tunnel
#(config proxy-services)edit Viber_Tunnel
#(config Viber_Tunnel)
add transparent 5242
#(config Viber_Tunnel)add transparent 4244
#(config Viber_Tunnel)view
Service Name:   Viber_Tunnel
Proxy:          TCP Tunnel
Source IP         Destination IP    Port Range        Action
<All>             <Transparent>     5242              Intercept
<All>             <Transparent>     4244              Intercept


After traffic is intercepted, policy can be configured to Allow or Deny based on Source Client IPs in an SSL Access Layer, as follows:

In the image above, Viber_Ports is a Combined object that includes Ports 5242 and 4244. If any of those two ports match, this rule will deny traffic from client x.x.x.x

In the case of explicit proxy configuration, the Viber application does not use system's proxy settings and sends traffic directly through the gateway. So in case of the gateway is not allowing any internet traffic for user's system or destination ports, Viber application will not work.