WeChat file download random problems (WSS Agent)

Article ID: 232178


Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

The WeChat application is often not allowed to download attachments when connecting via WSS Agent.

Cause

This issue occurs when the Suspicious category is blocked.

When an attachment is downloaded via WeChat, the following URL format is used:
http://<ip-address>/download

The <ip-address> often changes to one of the many IPs used by WeChat. Some of them are known and categorized as "Chat (IM)/SMS"; others are new and can be "Uncategorized" or belong to the "Suspicious" category:

What is more, many IPs belonging to WeChat have a high Risk Level, e.g. the above IPs had these Risk Levels as of 13th January 2022:
101.226.226.249 - Risk Level 3
101.226.232.160 - Risk Level 6

Resolution

While WeChat would be responsible for ensuring their IPs are correctly categorized, what a WSS administrator can do is bypass the WeChat traffic. The steps to follow are:

1. Ensure you are using the latest WSS Agent release
2. Log in to the WSS portal and go to "Connectivity > Bypassed Traffic > Bypassed Executables"
3. Add the following bypass:
**\Tencent\WeChat\*

- Single asterisk (*) — Matches any full single path component: file or folder name. Partial components cannot be wildcarded.
- Double asterisk (**) — Matches any number of consecutive path components

Once WSS Agent reconnects, it updates the bypass list. From then on, WSS Agent will not send traffic from this executable to WSS.
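
To review which executable paths a bypass pattern covers before adding it, the two wildcard rules above can be modelled as in the following added example. It is not Broadcom's or the WSS Agent's code; it assumes case-insensitive comparison and that `**` may match zero components, and the sample paths are constructed.

```python
from functools import lru_cache

def split_path(path: str) -> list[str]:
    """Split a Windows-style path into its components."""
    return [p for p in path.split("\\") if p]

def matches_bypass(pattern: str, exe_path: str) -> bool:
    """True if exe_path is covered by a bypass pattern using * and **."""
    pat = split_path(pattern)
    for comp in pat:
        # The page states partial components cannot be wildcarded.
        if "*" in comp and comp not in ("*", "**"):
            raise ValueError(f"partial wildcard not allowed: {comp!r}")
    # Assumption: comparison is case-insensitive, as Windows paths are.
    parts = [p.lower() for p in split_path(exe_path)]

    @lru_cache(maxsize=None)
    def walk(i: int, j: int) -> bool:
        if i == len(pat):
            return j == len(parts)          # both fully consumed
        if pat[i] == "**":
            # Assumption: "any number" includes zero components.
            return any(walk(i + 1, k) for k in range(j, len(parts) + 1))
        if j == len(parts):
            return False                    # pattern left, path exhausted
        if pat[i] == "*":
            return walk(i + 1, j + 1)       # exactly one full component
        return pat[i].lower() == parts[j] and walk(i + 1, j + 1)

    return walk(0, 0)

def bypassed(pattern: str, paths: list[str]) -> list[str]:
    """Return the subset of paths whose traffic the pattern would bypass."""
    return [p for p in paths if matches_bypass(pattern, p)]

PATTERN = r"**\Tencent\WeChat\*"
# Constructed sample paths for illustration only.
SAMPLE_PATHS = [
    r"C:\Program Files (x86)\Tencent\WeChat\WeChat.exe",   # covered
    r"D:\Apps\Tencent\WeChat\WeChat.exe",                  # covered: ** spans any prefix
    r"C:\Program Files\Tencent\WeChat\plugins\helper.exe", # not covered: * is one component
    r"C:\Program Files\Tencent\WeChatWork\WXWork.exe",     # not covered: different folder name
    r"C:\Program Files\Tencent\WeChat",                    # not covered: nothing after WeChat
]

if __name__ == "__main__":
    for path in bypassed(PATTERN, SAMPLE_PATHS):
        print("bypassed:", path)
```

Running it against an inventory of installed executables shows the full set of binaries whose traffic would no longer be inspected by WSS once the bypass is active.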
