Jump to content

Recommended Posts

Hi, after a long time having problems with my vpn connection, today I found out that Eset was blocking it all the time. I turned the vpn on then I went to troubleshooting wizard & saw 3 entries showed up there:

Nt Kernel & System (Block incoming NetBios request)

SSDP Discovery (svchost.exe) (Block incoming SSDP(UPNP) requests for svchost.exe)

DNS client (svchost.exe) (Block incoming multicast DNS requests)

Are these blockings set by default? I want to unblock them to allow my vpn, but not losing security. What should I do?

Thanks

Link to comment
Share on other sites

Strange .....

Anything you posted that is being blocked by the Eset firewall should not affect your VPN connectivity.

Your VPN should provide instructions on what protocols and ports it uses along with what needs to be excluded from third party firewall monitoring.

Edited by itman
Link to comment
Share on other sites

2 minutes ago, itman said:

Anything you posted that is being blocked by the Eset firewall should not affect your VPN connectivity.

Hi itman, so why they appeared immediatley after turning vpn on?

Link to comment
Share on other sites

Just now, Guided said:

Hi itman, so why they appeared immediatley after turning vpn on?

As I posted, check your VPN provider's web site FAQS, help, forum, etc. for network setup and connectivity requirements.

Link to comment
Share on other sites

 

9 minutes ago, Marcos said:

Does temporarily pausing the firewall allow you to connect via VPN?

Hi Marcos, I dont want to disable the firewall because I blocked 1-2 programs in the firewall, and dont want them to access the internet.

Are these blockings normally set by default in Eset, or they are uncommon?

Edited by Guided
Link to comment
Share on other sites

One possibility for blockage is the following.

When Eset Network protection senses a VPN connection, it should have either auto setup a VPN network adapter connection, or prompted you that one was detected and do you want to trust this network connection.

If you replied to the Eset alert not to trust the connection, Eset will set up a Public firewall profile for the connection. This will block all VPN connectivity.

Edited by itman
Link to comment
Share on other sites

4 minutes ago, itman said:

One possibility for blockage is the following.

I went to "Known Networks" and there was no entry for the vpn, neither eset asks me about it when I turn the vpn on. What is wrong here do you think?

Link to comment
Share on other sites

28 minutes ago, Guided said:

I went to "Known Networks" and there was no entry for the vpn, neither eset asks me about it when I turn the vpn on. What is wrong here do you think?

Good question ........ Eset should have detected the VPN connection.

Open a command prompt window and enter:

ipconfig /all

Does the VPN connection show there?

Link to comment
Share on other sites

5 minutes ago, Guided said:

HotspotShield

I went through all the troubleshooting listed here: https://support.hotspotshield.com/hc/en-us/articles/115005293466-Why-can-t-I-connect-to-Hotspot-Shield-VPN-on-Windows- .

It does install a TAP network adapter and Eset should be picking up that network adapter . You might want to perform Step 9). in the above linked article and see if Eset alerts on a new network connection afterwards and the alert is for the HotspotShield adapter.

If the above doesn't resolve the VPN issue, you might want to open an Eset support ticket with whatever source you purchased Eset from. Of note is Eset is not sold or officially supported in Iran. It may very well be that HotspotShield VPN is incompatiable with Eset.

Link to comment
Share on other sites

I also found this posting that covers another instance where Eset did not detect VPN connection:

Quote

Since the VPN subnet is not automatically added to ESET's "Known networks", what is the best approach to  allowing VPN connections as if they were just another PC on the same subnet as the PC on which ESET is installed? Is that a bad idea? What are the differences between adding 10.1.1.0/24 to the Trusted zone versus manually adding 10.1.1.0/24 to the Known networks?

EDIT:

I did what another user suggested (https://forum.eset.com/topic/8274-endpoint-security-homework-network-not-being-treated-as-trusted-zone/?tab=comments#comment-43989) and added the VPN subnet to the already existing Known network and it seems to work just fine.

https://forum.eset.com/topic/13005-how-to-allow-vpn-access/?do=findComment&comment=64905

Note the above is not without security risk since the VPN connection is being treated as a local subnet trusted connection.

Edited by itman
Link to comment
Share on other sites

15 hours ago, itman said:

I went through all the troubleshooting listed here

Thanks alot itman, I went through step 9 & also afew steps more, but it seems a long story, since when executing "netsh int ip reset logfile.txt" got "failed to reset" message & have to go through that too. Meanwhile I want you to know that this problem goes & comes, maybe for 1-2 weeks I have this vpn problem & it solves itself & again. Regarding Upnp, I noticed that "Enable UPnP protocol" is unchecked in my router settings, & I remember that ISP suggested to disable it to increase security(?).

Thanks again

15 hours ago, itman said:

Note the above is not without security risk since the VPN connection is being treated as a local subnet trusted connection.

Since you say its risky, & also abit confusing for me, I decided not to go for it.

Link to comment
Share on other sites

  • ESET Insiders

I also post a post about it, but this was misunderstood by Marcos and he was only of the opinion that it was due to OpenVPN, which is complete nonsense. Yes Eset has a VPN problem with enabling the NetBios request, and this is an Eset problem! And the VPN connection has never been recognized by Eset as it should be as a new network.

I only have this problem as well as other problems since the new build 14.2.19.0, z.b. that the download of the virus signatures now and then abort the download, but not abort in the actual sense, the virus signature remains in the middle of the download and it can neither be aborted nor anything else, it then only helps to restart the PC

Link to comment
Share on other sites

  • 3 weeks later...

I would like to add here that after uninstalling Eset, I still have this vpn problem. So Eset "may not" be the cause of this problem.

Thanks

Link to comment
Share on other sites

  • ESET Insiders

Then you had a different problem like me, because with me Hing Eset gets stuck every time I wanted to release the NetBios for the VPN and that needs a VPN now and that was a clear Eset error, because I don't have in build 14.2.23.0.

But even this build does not recognize VPN as a new network!

Link to comment
Share on other sites

26 minutes ago, SlashRose said:

But even this build does not recognize VPN as a new network!

That's strange. When I activated Defender Application Guard on Win 10 Pro, Eset auto created a vEthernet VPN connection.

Link to comment
Share on other sites

  • ESET Insiders

Eset has never recognized a VPN connection with me, no matter what VPN software.

Because Defender , I've never used it.

Edited by SlashRose
Link to comment
Share on other sites

1 hour ago, SlashRose said:

Eset has never recognized a VPN connection with me, no matter what VPN software.

 

Have you tried complete uninstall/reinstall Eset (with uninstall tool)? Sometimes that helps.

I am using another vpn & that works most of the time, so I thought maybe Eset is not the problem. The only thing that was suspicious to me, was the three blockings (first post) immediately after hotspotshield run.

Also check that you have tap-windows adapter v9 in your device manager, since many VPNs use it to connect.

Link to comment
Share on other sites

2 hours ago, SlashRose said:

Because Defender , I've never used it.

Application Guard is only available on Win 10 Pro+ and server versions. It has nothing to do with Windows Defender and can be used with any third party AV.

Link to comment
Share on other sites

  • ESET Insiders
26 minutes ago, itman said:

Application Guard is only available on Win 10 Pro+ and server versions. It has nothing to do with Windows Defender and can be used with any third party AV.

I think they changed that in 21H1, its under MS Defender now.

2021-08-07.png

Link to comment
Share on other sites

17 hours ago, NewbyUser said:

I think they changed that in 21H1, its under MS Defender now.

It depends on how you define MS Defender.

There are settings in Defender Security Center that are not dependent upon Windows Defender use; SmartScreen, Exploit protection, and Device protection settings such as Hypervisor core and memory protection are other examples.

As I posted in a thread on Application Guard I opened a while back, it appears that the only AV that will work in an Application Guard virtual Edge or MS Office app instance is Windows Defender or the endpoint version, Windows Defender ATP. However, these virtualized apps run just fine using any third party AV; you're just not being protected by them in an Application Guard session.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...