Setting bluejeans with a proxy.pac file.

  • 1
  • Question
  • Updated 4 months ago

 The problem is that the bjn.vc is trying to connect directly to a bluejeans server (without going through the proxy). This is getting blocked since there is no direct Internet access from internal network:  I could  specify a URL in a PAC file to bypass Content Gateway but our network guys says that will cause other problems.     

Is there another way or other possible solutions?

Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb

Posted 8 months ago

  • 1
Photo of Axel Albrecht

Axel Albrecht

  • 110 Points 100 badge 2x thumb
Hi Marcel. Is this for the Relay server installation or for another connection? Could you slightly elaborate on this please? Axel
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb

No we are leveraging what's in-place. I use bluejeans.com/111 for the test. When I start the Bluejeans app with Chrome this goes through the proxy but when the app  is trying to connect to the bjn.vc directly to internet rather using the proxy.   Both  sites were whitelist: *.bluejeans.com  & *.bjn.vc .

The network guy confirmed that all the request that the application does through the proxy are permitted.

Photo of Axel Albrecht

Axel Albrecht

  • 110 Points 100 badge 2x thumb
Marcel are you a colleague from Remco in the Netherlands? Just checking if a call might be faster here. Look forward to your feedback
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb

No, we are in Montreal, Canada


Photo of Axel Albrecht

Axel Albrecht

  • 110 Points 100 badge 2x thumb
ah excellent, you have a "name brother" that is looking into exactly the same issue.
Photo of Axel Albrecht

Axel Albrecht

  • 110 Points 100 badge 2x thumb
I will leave you in the hands of the BlueJeans team here on the Messageboard to address this further. Hope this instruction set might help. It sound like you might need to allow a bypass of the proxy for the specific video traffic listed here: 
https://support.bluejeans.com/knowledge/tcp-udp-ports
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb

Thanks Axel, looking forward with Bluejeans team. Thanks a million

FYI we don't use BlueJeans Rooms just the basic. As per my Firewall guys not all the port are open but open enough to make it work all the issues are around the bjn.vc  but I wasn't aware of these Akamai or AWS will check with the guys.

Photo of Lee Snyder

Lee Snyder, Official Rep

  • 5,158 Points 5k badge 2x thumb
Hello Marcel,

If I understand this correctly, the issue is that the traffic coming from the BlueJeans desktop app is not routing through your proxy whereas the traffic on the browser is?

Regards,
Lee - BlueJeans Support
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb

Yes, When the Firewall guys perform a sniffing with wireshark tool to see that bjn.vc is trying to connect directly to internet and by passing the proxy.pac and that is the problem.


Photo of Lee Snyder

Lee Snyder, Official Rep

  • 5,044 Points 5k badge 2x thumb
Hello Marcel,

Is this a web-proxy that is set to look at specific ports? The desktop application should use the same ports that the browser version of BlueJeans.

If you look at our TCP/UDP Ports Guide, you can see what IP ranges and Port ranges that BlueJeans uses. You can take this information and configure your proxy to route media on those ports through the proxy.

Regards,
Lee - BlueJeans Support
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb
I think so but I will ask my team to confirm this. I will ask my Firewall guy to valid and test your suggestion
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb
He says that the problem is that the application does not go through the proxy. Ports are allowed on the proxy. (See the log)
Photo of Lee Snyder

Lee Snyder, Official Rep

  • 5,044 Points 5k badge 2x thumb
Hello Marcel,

The proxy would need to have rules or exceptions put in place so that any traffic must route through it first. You would need to reach out to the provider for your proxy to determine how to achieve this.

Regards,
Lee - BlueJeans Support
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb
Lee, I do have the cookbook to do the exception but the network team won't do the exception because it is causing other issues on the network (They did the test).      But all of us have the same question as why .bluejeans.com goes via the proxy but not the other domain *.bjn.vc that doesn't go the same path, why this behavior ? maybe it should be your app that should be tweak ?  Thanks
Photo of Marcel

Marcel

  • 150 Points 100 badge 2x thumb

Can the BlueJeans app on Windows work solely through Outbound TCP Port 443, going through a web proxy, or it also needs TCP 5061 or 5000 as well as Outbound UDP Ports 5000-5999?

From https://support.bluejeans.com/knowledge/system-requirements, UDP ports wouldn’t be mandatory: “For strict firewall rules where all UDP ports are blocked, video/audio will work via TCP port with less optimal video experience.”
Photo of Lee Snyder

Lee Snyder, Official Rep

  • 5,044 Points 5k badge 2x thumb
Hello Marcel,

As stated in the knowledge-based article, we do not require you to open the UDP ports but we do recommend it. In your testing, with the TCP 5061 or 5000 as well as Outbound UDP Ports 5000-5999 closed does the traffic on the application go through your proxy successfully?

If that is the case, I think the combination of the rules in your proxy and the 443 port open, you should see minimal quality issues. I would always recommend testing to determine how the quality comes in.

Regards,
Lee - BlueJeans Support
Photo of Matthew Dreher

Matthew Dreher

  • 60 Points
Has this issue been resolved inside the blue jeans app or is it being worked on?  I having the exact same issue.  Blue Jeans runs and loads fine when using Chrome.  But for the app to work, I have to go and turn off my proxy configuration settings inside IE in order for the app to open.  My company is also using a .pac file, in which we are just users, and not able to manipulate the .pac file, or network settings.