Tunein Radio through http(s) proxy

edited March 2019 in Firebox - Proxies

Can't get TuneIn radio stations to work through the Http \ https proxy. I had to add a packet filter instead but why? Traffic Monitor is not showing any denied connections, logging is on.

Fireware 12.3.1 U1 m400

Comments

  • This one works for me - the only one that I tried - via my HTTPS proxy:
    https://tunein.com/radio/Alt-Hits-s249990/

    I do not block any Content Types on the HTTP proxy action which is listed in my HTTPS proxy action.

  • I found that if I uncheck "Enable Gateway AntiVirus" on my HTTP proxy, then Tunein works fine. When that is checked, no stations work including the one you posted.

  • Narrowed it down some more. If AV Scan is enabled for URL Paths None Matched or Content Types If matched, then TuneIn radio stations do not work.

  • I have AV scan on Content Types - None matched.
    I can't get XTM to log the Content Type being used here - it could be audio/* which I Allow and no not AV scan

  • I could not scan audio/* and not scan URL paths but those are scanned by default when Gateway AV is enabled so it seems like I shouldn't need to do that. It seems like a bug. Tested on 12.4, still having the same issue.

  • Then open a support incident on this.

  • Exact same problem with TuneIn on proxy with Gateway AV enabled, T-35W (error exists through versions 12.1-12.4). No errors in log even with debugging log level. When AV is disabled it works through proxy. Did you make a support case? If so, what was wrong?

  • Made a support case but all they said was to add proxy exceptions so it was kind of a waste of time. I tested a few stations that I use and added the url as an exception. After adding 3 or 4 exceptions, the stations I use are working but I'm sure there's many more url's depending on the station so not a good solution. It doesn't seem like AV should stop this from working but I didn't push them for another solution.
  • ok, thanks for the feedback. Was afraid that you were going to say that :smile: But hey, there's only 100k stations on TuneIn. So let's start typing in exceptions :wink:
    Guess i'll have to use specific proxy-rules without AV on those devices in questions. My case Sonos and Google Home units only. Thanks again!

  • edited July 2019

    Adding *.musicradio.com to HTTP Proxy Exceptions, this is what showed up the site when playing Tunein thru Sonos. Once I added the exception I was able to re-Enable Gateway AV. Tunein radio thru Sonos now worked.

  • I found this topic after looking on the internet, I have same issue that the Tunein radio sometime doesn't work. If I understand correctly is that some channel does works and another one not en the only solution is to use whitelist in http proxy?

    Is there any update/fixed

  • I believe the issue still exists on 12.5.2. You basically need to try loading each of your stations to see what url they contact and add the proxy exceptions.

  • I had the same problem for the ABC Lounge Jazz internet radio.
    And I have been able to find and fix my connection problem.

    Somehow, in my firewall I had to configure a HTTP Proxy Exception (within the Default-HTTP-Client, that is influenced by the Gateway AV).

    Go to Firewall > Proxy Action > Default-HTTP-Client > [edit] > HTTP Proxy Exceptions > add and save the domain that you like to allow as exceptions, alike: [*.openstream.co] in my case.

    Now it works like before.
    Also on/via Sonos.

  • edited June 2021

    The way I fixed this without turning off AV was to add FQDN *.tunein.com to be allowed through the HTTP and HTTPS policy in Firewall Policy Manager

Sign In to comment.