ArminM 0 Posted October 30, 2020 Share Posted October 30, 2020 Hi, so I read this topic, I have the latest ESET IS version, and the network is trusted, still it blocks access for the WSL2 network. For now, If unlocked that specific IP, but that won't help for other IPs on the subnet. What am I missing, i.e. how do I properly unblock that adapter? Thanks. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,931 Posted November 1, 2020 Administrators Share Posted November 1, 2020 I was able to run Ubuntu only with WSL 1 on a vm and ping worked, ie. outbound network communication was not blocked as expected. It would help if you could provide step-by-step instructions how to reproduce the issue. Link to comment Share on other sites More sharing options...
ArminM 0 Posted November 2, 2020 Author Share Posted November 2, 2020 (edited) Well, the repro is really simple, start a WSL2 shell and observe the activity in the ESET dashboard. I can of course unblock that specific occurrence, but next time, WSL2's IP will change, so it seems to me this really requires an additional firewall rule which I created now for remote 172.17.87.0/24 to port 53 local udp on svchost. For now that seems to work. Edited November 2, 2020 by ArminM Link to comment Share on other sites More sharing options...
Administrators Marcos 4,931 Posted November 2, 2020 Administrators Share Posted November 2, 2020 I don't see any packets dropped in your screen shot so the question is what issue you have without checking the firewall troubleshooting wizard. Unfortunately I'm unable to run Ubuntu on WSL 2 on a VM no matter what I tried, it works only with WSL 1. Link to comment Share on other sites More sharing options...
ArminM 0 Posted November 2, 2020 Author Share Posted November 2, 2020 As you can see in the first screenshot, the ESET firewall blocks access to svchost/udp/53 coming from the 172.17.87 network. So it seems to me that the automatic firewall mode (whatever it normally does) does not handle this and that I have to create a manual rule to allow those connections. That solves my problem, but I kind of had expected that this would not require manual interaction, given that the WSL2 / 172.17.87 network could/should be a trusted network. But the labeling of the networks I had accumulated over time (like Virtual Network 21) doesn't give me any clues there. Anyway, I guess my issues is solved for now with the manual rule. Link to comment Share on other sites More sharing options...
Recommended Posts