Jump to content
rmturpie

Kaspersky 10 and Microsoft Direct Access [In progress]

Recommended Posts

Hi all,

 

I am having problems when trying to connect Windows 7 clients to our Direct Access server. The clients are all Windows 7 Enterprise or above and the DA server itself is running Server 2012R2. We are using Kaspersky Endpoint Security 10 for Windows 10.2.1.23 and network agent 10.1.249.

 

Before I installed Kaspersky on the DA server all the clients could connect fine. Kaspersky is installed on the clients and the KAS client policy under Anti- Virus protection, General Protection Settings allows Svchost.exe as a trusted application and https:443 is excluded from port monitoring as detailed in other threads. I am not using the Kaspersky firewall.

 

I thought it would be as easy as creating another server policy just for the DA server and then adding the same exceptions as I had for the clients, but when I install Kaspersky on the servers the same options are not available and clients cannot connect until I uninstall Kaspersky form the DA server. Then everything instantly connects!

post-494097-1459438780_thumb.jpg post-494097-1459438797_thumb.jpg

 

Why is is that I cannot see the monitored ports option when I push the policy to a server and yet I can when it is pushed to a client? I have checked the server policy and it is there?

post-494097-1459439275_thumb.jpg

 

Has anyone got this working and if so how do you configure the Kaspersky policy for the DA server to allow Direct Access through https:443??

 

Thanks

 

Robert

 

Share this post


Link to post

Hi,

 

Could you please provide us with more details?

What KES version do you use?

 

Were there any steps made to troubleshoot the issue?

 

Thank you!

Share this post


Link to post

Hi Nikolay,

 

in my case;

 

Operating system: Microsoft Windows Server 2008 R2

Network Agent version: 10.1.249

Anti-virus version: 10.2.1.23

 

i already tried to exclude monitor https port 443 and RAMgmtUI.exe (directaccess exe) but still didnt work.

it seems out traffic from DA server was bloked but there's no information what file or process bloked

 

regards,

 

hery

 

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.