TeamViewer

Status

Fully working, with additional configuration (listed below).

Configuration

  • Go to the Firewall -> Egress page.
  • Select an appropriate group (e.g. the Everyone group).
  • Add the TeamViewer bundle and set its action to Allow.

Detail

TeamViewer tunnels non-HTTPS traffic through the proxy. Since the traffic is not HTTPS, it must be excluded from HTTPS interception. Unfortunately, whilst some of TeamViewer's connections are to the teamviewer.com domain, it also makes connections to arbitrary IP addresses without specifying the host name in the proxy CONNECT request or TLS handshake. This makes it impossible to exclude only TeamViewer's traffic from HTTPS interception.

Fortunately, TeamViewer can also use TCP port 5938, so a firewall rule can be added allowing this traffic.

Some of this information is from the TeamViewer website: https://www.teamviewer.com/en/help/334-Which-ports-are-used-by-TeamViewer