LogMeIn Rescue not working
search cancel

LogMeIn Rescue not working

book

Article ID: 166117

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

There are some issues to get LogMeIn Rescue to work while protected by Symantec Web Security Service (WSS) product.

Getting LogMeIn Rescue to work with WSS.

Resolution

The solution to deploy will vary depending on how the policy is written and if there is SSL Interception enabled or not.  Please do one of the following solutions depending on how the desired deployment of the environment is:

SOLUTION #1:  SSL interception disabled; enabling access by category

This solution requires that SSL interception is disabled.  (SSL interception is by default disabled in the Cloud.) The following categories should also be allowed :

  • Remote Access Tools (for LogMeIn domains)
  • Computers/Internet (for Akamai domains used by LogMeIn)
  • Non-viewable (for Google analytics)

SOLUTION #2:  SSL interception disabled; allowing specific domains used by LogMeIn

This solution requires to have SSL interception disabled.  (SSL intercept is by default disabled in the Cloud.)  If the Remote Access Tools, Computers/Internet, or Non-viewable categories are being blocked, the following domains should be allowed :

  • logmein123.com
  • logmeinrescue.com
  • logmein.com
  • logmein-gateway.com
  • ocsp.thawte.com
  • google-analytics.com
  • globalsign.com

SOLUTION #3:  SSL interception enabled; enabling access by category

  1. Make sure the Cloud SSL Root certificate is installed on the workstations.  If it is not, an SSL certificate warnings from the web browser will appear.
  2. Allow the categories found in solution #1 above. 
  3. In the portal, go to Service > Network > SSL Interception
  4. Under SSL Interception Exemptions click on the Add button under Destination and add 216.52.233.0/24
  5. Click on the Activate button.
  6. Test

 

SOLUTION #4:  SSL interception enabled; allowing access by domains used by LogMeIn

  1. Make sure you have the Cloud SSL Root certificate installed on your workstations.  If you do not, you will receive SSL certificate warnings from your web browser.
  2. Allow the domains found in solution #2 above.  You may also need the IP address ranges found in the ADDITIONAL INFORMATION section below.
  3. In the portal, go to Service > Network > SSL Interception.
  4. Under SSL Interception Exemptions click on the Add button under Destination and add 216.52.233.0/24.  Also, need to add 64.94.18.0/24 to the list.
  5. Click on the Activate button.
  6. Test

 

ADDITIONAL INFORMATION:

When writing advanced content filtering policy, if the Remote Access Tools category is being blocked, the following IP addresses will need to added to an allow rule:

  • 64.74.103.0/24
  • 64.94.18.0/24
  • 64.94.46.0/23
  • 69.25.16.0/20
  • 70.42.156.0/23
  • 74.201.64.0/20
  • 74.201.74.0/23
  • 77.242.192.0/20
  • 212.118.234.0/24
  • 216.52.233.0/24
     
Powered by Wolken Software