Jump to content
Kavuser10

Access to file shares blocked

Recommended Posts

Scenario:

Kaspersky Endpoint Security 11.1 enabled on Server 2016 = access to all file shares blocked from the network. If protection is paused/disabled access to file shares is restored. By disabling components on one by one basis I have narrowed it down to Firewall. If Firewall is disabled access is restored. Adding local network to trusted networks has no effect. I have further narrowed it down to a single Packet Filter rule - TCP Connections through local ports which is set to blocked by default and blocks Windows filesharing ports.

 

FileSharesBlocked.PNG

Edited by Kavuser10

Share this post


Link to post

Network share is located on local network. Marking this network as trusted had no effect.

Share this post


Link to post

Could you please provide us with a screenshot of Firewall "Network" tab and with a report for "TCP connections..." rule(you can enable it within the rule).

Thank you!

Share this post


Link to post

Hello. 

It is endpoint security product, default settings are not intended for server purposes. 

This parameter is completely configurable, why are you thinking that this is some sort of unexpected behavior ? 

This  settings was a default configuration for a previous versions of Kaspersky Endpoint Security, and was adjusted by administrators if needed.

Share this post


Link to post
11 hours ago, Evgeny_E said:

Hello. 

It is endpoint security product, default settings are not intended for server purposes. 

This parameter is completely configurable, why are you thinking that this is some sort of unexpected behavior ? 

This  settings was a default configuration for a previous versions of Kaspersky Endpoint Security, and was adjusted by administrators if needed.

Hello,

Ok, we usually run the Security for File Server on the servers and this was my first time to try it out on a server os. As this is also meant to be run on servers (with available modules limited) it does seem strange but I guess you are right. If this is not a bug, then everything is ok.

Share this post


Link to post

Just another question. If I set the 10.10.10.X network as a trusted network shouldn't the ports be allowed then? Because setting the 10.10.10.X network as trusted seems to have no effect.

Share this post


Link to post

Hello. 

Please collect data using following scenario:

1)Leave only Firewall component enabled. Make sure you have a results described earlier, when Trusted network label was ignored. 
2)Export KES settings. 

3)Enable KES traces - https://help.kaspersky.com/KESWin/11/en-us/128166.htm ; after you start traces be sure to restart KES. 
4)Try accessing file share on a workstation with KES 11.1 from another PC

5)Stop traces . Copy trace files in a folder. KES traces could be found in folder 'C:\ProgramData\Kaspersky Lab' it is a text files with names that looks like this: KES.*_%date%.* .

6)Generate new GSI report.

7) Create an archive with files from steps: 2, 5, 6

Send a private message with data from step 9 to @KLCentralSupport , in a message leave a link to this topic. You may use file sharing service of your liking or we can give you an access to ftp server in order to transfer data.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.