Viber is a voice over IP application. Unlike Skype, it has no proxy settings. This means it can only be sent to the proxy transparently. Some policies can restrict or allow Viber traffic when intercepted by the ProxySG
Viber uses the following ports:
Since the ProxySG can't intercept UDP traffic the UDP ports must be sent to the internet directly. This will need to be done on the device doing Policy Based Routing.
The ProxySG does not understand Viber traffic but it can intercept it, apply some basic Allow or Deny policy and forward the traffic to the internet.
In order to intercept Viber traffic, you can enter these commands in the Command Line Console:
#(config proxy-services)edit Viber_Tunnel
#(config Viber_Tunnel)add transparent 4244
Service Name: Viber_Tunnel
Proxy: TCP Tunnel
Source IP Destination IP Port Range Action
<All> <Transparent> 5242 Intercept
<All> <Transparent> 4244 Intercept
After traffic is intercepted, policy can be configured to Allow or Deny based on Source Client IPs in an SSL Access Layer, as follows:
In the image above, Viber_Ports is a Combined object that includes Ports 5242 and 4244. If any of those two ports match, this rule will deny traffic from client 22.214.171.124
In the case of explicit proxy configuration, the Viber application does not use system's proxy settings and sends traffic directly through the gateway. So in case of the gateway is not allowing any internet traffic for user's system or destination ports, Viber application will not work.