Jump to content

Recommended Posts

Simon Reach
Posted
Just upgraded from KSC10 to KSC11 with Agent and KES11 as well. The policy was replicated on the new KSC11 server and most things are alright but we're having an issue with machines running the new version KES11 managed by the new KSC11 server not being able to connect via VPN. The only events i can see in the logs is- Event name Network attack detected Severity: Critical Application: Kaspersky Endpoint Security for Windows (11.1.0) Version number: 11.1.0.15919 Task name: Network Threat Protection Device: LAPTOP1 Group: Test Time: 13/05/2019 10:03:19 Virtual Administration Server name: Description: Event type: Network attack detected Application\Name: Kaspersky Endpoint Security for Windows User: OPENFIELD\Administrator (Active user) Component: Network Threat Protection Result\Description: Blocked Object: from several different sources Object\Type: Network packet Object\Name: from several different sources Object\Additional: Suspicious: Database release date: 13/05/2019 04:41:00 I've added the IP range given by the vpn, which is 10.251.130.0/24, into the Firewall as a Local network, i've turned off the Network Threat Protection and i've even turned off the firewall and it still won't let me connect to the VPN. I've also added the vpnagent.exe and vpnui.exe of the Cisco Anyconnect client in as a Trusted Application and again, it stills failed to connect. As soon as i turn off KES11 on the laptop, the vpn connects straight away without issue.
Simon Reach
Posted
All sorted. It was shockingly web control that was blocking it, the url of abnp.ironport.com was being blocked so just had to unblock it for it to work.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...