Jump to content
msim

KES 10 SP2 ICMPv6 issue

Recommended Posts

Hi there!

We have few offices connected via VPN tunnels and Windows 10 / Windows Server 2012 R2 hosts with native IPv6 Unique Local Addresses configured. Also we have configured IPv6 static routes between our few offices. Everything works fine, but we have very strange issue when trying IMPv6 from host with KES 10 SP2 (10.3.0.6294) installed to remote hosts (through VPN tunnel). Wireshark shows that: No response seen to ICMPv6 request in frame XXX. We tried to disable all KES modules one by one without any success. The only thing which helps with this issue is full KES removing. If we try the same thing from host without KES everything works fine.

Where is the problem?

Share this post


Link to post

Hi,

Could you please provide us wit GSI report from affected host and with KES traces collected while issue reoccurs?

Thank you!

Share this post


Link to post
6 hours ago, msim said:

Hi there! Any update?

Hello.

Unfortunately, the collected traces from KES are not conclusive on themselves. Please provide a set of traces together with a Wireshark log for the same interval where you are getting the error while all KES components are turned off.

Thank you.

Share this post


Link to post
4 hours ago, msim said:

Hi Kirill!

 

Done. The link is the same: https://nextcloud.hvtns.net:4444/index.php/s/ZUuqythDZhctDuY

The file is KES_disabled_ICMPv6_issue.zip

It contains KES traces and Wireshark packet capture file for the same interval (all KES components were turned off)

Sorry, but we need KES traffic dump collection

To enable KES traffic dump collection create user variable DumpNetworkTraffic="1". To do so:

  1. Open System Properties
  2. Switch to Advanced tab
  3. Press Environment Variables... button
  4. Press New under System variables
  5. Set DumpNetworkTraffic for Variable name
  6. Set 1 for Variable value
  7. Press OK on New User Variable and Environment Variables forms
  8. Traffic dump files will be saved to %ProgramData%\Kaspersky Lab\KES10SP2\Data\traffic

  9. Once the issue reproduced compress the whole traffic directory

Do not forget to disable traffic dump collection. To do so delete DumpNetworkTraffic variable.

We need KES configuration or policy export.

Thank you.

 

Share this post


Link to post

Hi Dmitry!

 

The link is updated. There are the needed traffic dump and policy export files - traffic.zip and policy.klp

Share this post


Link to post

Sure.

I'm just trying ICMPv6 from PC with KES installed to remote IPv6 server (through OpenVPN site-to-site tunnel). If I uninstall KES completely this works. With KES installed - don't work.

That is.

I use unique local IPv6 addresses on both sites - local and remote.

 

P.S. If you wish we can continue our conversation in Russian. I apologize for my bad English. :)

Edited by msim

Share this post


Link to post
On 7/27/2017 at 8:46 AM, msim said:

Hi Dmitry!

 

The link is updated. There are the needed traffic dump and policy export files - traffic.zip and policy.klp

Hello,

Issue 2317668 was submitted.

Please wait reply from developers.

Thank you.

 

Share this post


Link to post
4 hours ago, msim said:

Sure.

I'm just trying ICMPv6 from PC with KES installed to remote IPv6 server (through OpenVPN site-to-site tunnel). If I uninstall KES completely this works. With KES installed - don't work.

That is.

I use unique local IPv6 addresses on both sites - local and remote.

 

P.S. If you wish we can continue our conversation in Russian. I apologize for my bad English. :)

Please create an incident in CA and provide its number in the topic.

We'll give you pf3020

Thank you.

 

Share this post


Link to post

Hi Dmitry!

I'm not sure what I have to do. Would you explain in more detail please? I don't know what is CA.

Sorry!

Share this post


Link to post

Thank you!

I'm trying to create CA account but haven't key file or activation code

CA.png

Edited by msim

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.