Problem accessing GoToAssist, GoToMeeting, GoToWebinar, GoToMyPC, GoToRoom or GoToTraining with the ProxySG

book

Article ID: 166772

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

GoToAssist, GoToMeeting, GoToWebinar, GoToMyPC, GoToRoom, and GoToTraining websites (provided by Citrix Systems) install an applet on the workstation. If authentication is enabled on the ProxySG appliance, users are prompted to enter credentials during the applet installation. If the authentication request fails, the application attempts to connect on ports other than 80. This in turn causes the firewall to reject those connections.

Resolution

To resolve the issue:

  1. Uninstall the GoToAssist, GoToMeeting, GoToWebinar, or GoToMyPC software through the Control Panel.
  2. Update the Local Policy. See below for instructions.
  3. Re-install the software uninstalled in step 1.
  4. Ensure needed firewall rules are created specifically PORT 8200
    1. Page 3: https://www.gotomypc.com/images/ad/pdf/GoToMyPC_Corporate_Security_FAQs_reseller.pdf
      1. Q: Which port numbers does GoToMyPC use, and can I change the port numbers?
      2. A: GoToMyPC uses one of the several ports that are usually left open for users to access the Internet (port 80 or 443). This means that administrators generally do not need to configure firewalls to allow GoToMyPC connections. If your organization uses a proxy that restricts traffic through port 80 or 443, you may open port 8200 for GoToMyPC 
    2. White listing Rules: https://support.goto.com/meeting/help/optimal-firewall-configuration-g2m060010


Updating the Local Policy to Bypass the Web Site

  1. In the Management Console, select Configuration tab > Policy > Policy Files.
  2. In the Install Policy section on the Policy Files tab, select Text Editor from the 'Install Local File from' pull-down menu.
  3. Click Install. The console displays an Edit and Install the Local File dialog box.
  4. Copy and paste the following text into the field in the dialog box, and then click Install:
;################# BEGIN GoToProducts Exception Policy #################
; Updated 01 July 2019
; Refer to this site for an updated list of domains/IPs:
;https://support.Logmeininc.com/gotomeeting/help/optimal-firewall-configuration-g2m060010
 
;Note(s):​​​
;This script bypasses the following proxy features for GoToProducts related traffic, while also allowing end user access:​
;-SSL Interception​
;-Authentication​
;-Protocol Detection​
 
;---------------------------------------------------------​
;RULES
<ssl-intercept>
condition=GoTo_Exceptions ssl.forward_proxy(no)

<proxy>
condition=GoTo_Exceptions http.method=CONNECT detect_protocol(no) authenticate(no) ALLOW
 
 
;---------------------------------------------------------
;CONDITIONS
 
define condition GoTo_Exceptions
;###GoToAssistDomains
url.domain=assist.com
url.domain=gotoassist.at
url.domain=gotoassist.me
url.domain=fastsupport.com
url.domain=go2assist.me
url.domain=gofastchat.com
url.domain=helpme.net
 
;###GoToMeetingDomains
url.domain=api.filepicker.io
url.domain=filestackapi.com
url.domain=cloudfront.net
url.domain=expertcity.com
url.domain=getgo.com
url.domain=getgocdn.com
url.domain=getgoservices.com
url.domain=getgoservices.net
url.domain=goto-rtc.com
url.domain=logmein.com
url.domain=logmeininc.com
url.domain=logmein.eu
url.domain=raas.io
url.domain=accounts.logme.in
url.domain=internap.net
url.domain=internapcdn.net
url.domain=gotomeet.at
url.domain=gotomeet.me
url.domain=gotomeeting.com
url.domain=joingotomeeting.com
url.domain=openvoice.com
url.domain=jwpcdn.com
url.domain=jwpsrv.com
url.domain=jwplatform.com
url.domain=jwpltx.com
 
;##GoToWebinarDomains
url.domain=launchdarkly.com
url.domain=gotowebinar.com
url.domain=joinwebinar.com
url.domain=webinar.com
url.domain=gotostage.com
url.domain=cdn.walkme.com
 
;##GoToMyPCDomains
url.domain=gotomypc.com
 
;##GoToTraining
url.domain=gototraining.com
url.domain=jointraining.com
url.domain=firebaseio.com
url.domain=firebaseapp.com
 
;##GoToRoom
url.domain=jive.com
url.domain=jiveip.net
 
;GoToMeeting Related IP Blocks
url.address=216.115.208.0/20  ;Block 1
url.address=216.219.112.0/20  ;Block 2
url.address=66.151.158.0/24   ;Block 3
url.address=66.151.150.160/27 ;Block 4
url.address=66.151.115.128/26 ;Block 5
url.address=64.74.80.0/24     ;Block 6
url.address=202.173.24.0/21   ;Block 7
url.address=67.217.64.0/19    ;Block 8
url.address=78.108.112.0/20   ;Block 9
url.address=68.64.0.0/19      ;Block 10
url.address=206.183.100.0/22  ;Block 11
url.address=173.199.0.0/18    ;Block 12
url.address=103.15.16.0/22    ;Block 13
url.address=180.153.30.0/23   ;Block 14
url.address=23.239.224.0/19   ;Block 15
url.address=185.36.20.0/22    ;Block 16
url.address=188.66.40.0/21    ;Block 17
url.address=63.251.34.0/24    ;Block 18
url.address=63.251.46.0/23    ;Block 19
url.address=64.74.17.0/24     ;Block 20
url.address=64.74.18.0/23     ;Block 21
url.address=64.74.103.0/24    ;Block 22
url.address=64.94.18.0/24     ;Block 23
url.address=64.94.46.0/23     ;Block 24
url.address=64.95.128.0/23    ;Block 25
url.address=66.150.108.0/24   ;Block 26
url.address=67.217.80.0/23    ;Block 27
url.address=69.25.20.0/23     ;Block 28
url.address=69.25.247.0/24    ;Block 29
url.address=77.242.192.0/24   ;Block 30
url.address=95.172.70.0/24    ;Block 31
url.address=111.221.57.0/24   ;Block 32
url.address=173.199.52.0/23  ;Block 33
url.address=173.199.30.0/23  ;Block 34
url.address=212.118.234.0/24   ;Block 35
url.address=216.219.114.0/23   ;Block 36
end
 
;############### END GoToProducts Exception Policy ###############​
 
Note: The preceding policy is based on GoToMeeting knowledge base information. Because it is IP-based, it might require adjustments in the future. It may also be required to add some of the IPs that can be found in this site, as GoTo products also use other third-party services.