Fully working, with additional configuration (listed below).


Add a firewall rule allowing traffic to the internet on TCP port 5938 from the machines which are running TeamViewer


TeamViewer tunnels non-HTTPS traffic through the proxy. Since the traffic is not HTTPS, it must be excluded from HTTPS interception. Unfortunately, whilst some of TeamViewer's connections are to the domain, it also makes connections to arbitrary IP addresses without specifying the host name in the proxy CONNECT request or TLS handshake. This makes it impossible to exclude only TeamViewer's traffic from HTTPS interception.

Fortunately, TeamViewer can also use TCP port 5938, so a firewall rule can be added allowing this traffic.

Some of this information is from the TeamViewer website: