I'm looking for a proper way to allow the iOS Ring app to connect back to the video feed from an iOS device. Android phones work with no issue.
The problem is that it reports the web URL category as "unknown" which I am currently blocking.
I wrote my policy (below) to allow ssl traffic for all unauthenticated users (mobile devices) to connect to the Ring IP address range, and assigned a new URL filtering policy that mirrors our current URL filtering policy, with the exception that "unknown" category is set to Alert instead of block.
Is there a more proper way to do this?
Specifically the iOS ports TCP out 80, 443, 5223, 15064 and UDP out 53, 123, 18306 - 63919
Ring IP range: 18.104.22.168-22.214.171.124
I know this is an older thread, but we are experiencing this issue as well. All of the functionality within the Ring app works as far as we can tell except the live video feed. The other Ring traffic hits URL Category: business-and-economy.
The live video feed traffic is showing up in our URL filtering logs as category: unknown, and action is block-continue. Unlike the rest of the Ring traffic, these requests are not resolving DNS, so the URL entry just shows an IP address:15064, so I don't have a list of URLs to add to a category.
Thoughts/ideas to get this to work without allowing unknown category?
I've had this issue for a while and have just looked into it further.
In our case I just changed the unknown category to alert.
However I understand that this might not be appropriate in all cases.
To keep the unknown URL category blocked, what you could do is create a rule above your web browsing policy to permit ssl on TCP/15064 to the internet, and on this rule have a URL filtering profile applied which permits unknown URLs.
If you wanted to make this more specific you could set up an external dynamic list for Amazon AWS using MineMeld and use that as the destination address.
Hope that helps 🙂
I know this is an old post, but I just ran into this problem as well. I have two Ring Cameras, one door bell cam and one stick-up cam in my backyard.
All of sudden, both cams stopped showing recorded images and the live feed didn't work.
I did get motion alerts, but when I tried to click on live view the image just never showed up.
After some investigation, I found that RING was being stopped by threat prevention in the Palo.
In the logs it appeared that there were to instances of calls being made from the inside that hit the Threat policy.
Suspicious TLS Evasion Found on port 443 and
Microsoft Communicator INVITE Flood Denial of Service Vulnerability on port 15063
Both of which where informational.
To mitigate this I created a new Security Profile where I removed dropping packet that where on informational nature and added that to a policy that matched the predefined RING application.
Once that was done, all feeds and events came right back up.
Thanks for posting your solution, but I am not clear on how you see it in the logs? Which log were you seeing the threat? I can not find any log details that match up with this. Also, which security profile did you setup? I tried matching the Ring application and then just not having any security profile at all...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!