byxil 0 Posted April 1 Share Posted April 1 I installed Smart Security on a PC with Windows 11 and now I can no longer ping that PC with my home automation system. Both are in my local network 192.168.1.X but the home automation server cannot ping my PC. I tried reading some messages with the same problem as me, but I'm not very expert and I didn't really understand what to do. If I uninstall the antivirus the ping works again Can someone help me? Thank you Link to comment Share on other sites More sharing options...
itman 1,760 Posted April 1 Share Posted April 1 Does your Eset active network connection show as Public profile? Link to comment Share on other sites More sharing options...
byxil 0 Posted April 1 Author Share Posted April 1 In the Configuration menu, -> network security, -> network connection, I have my router as a private network and a virtual network as public Link to comment Share on other sites More sharing options...
itman 1,760 Posted April 1 Share Posted April 1 (edited) 2 hours ago, byxil said: I have my router as a private network On the Private profile, Eset's firewall trusts all connections on the local subnet; e.g. 192.168.1.0/24. If you review Eset default firewall rules and scroll down to the rule title "Allow ICMP communication in the Trusted zone," all ICMP communication is allowed. This leads me to believe it's ICMP activity from the the VPN connection that is being blocked. Ping from the HA server again. Immediately thereafter open Eset GUI -> Network Protection. Refer to the section titled "Resolve blocked communication." The count shown should be a non-zero value. Mouse click on Resolve blocked communication section. Shown should be the blocked ICMP communication and you can have the Eset firewall auto create a firewall rule to allow the ICMP traffic. Edited April 1 by itman Link to comment Share on other sites More sharing options...
byxil 0 Posted April 2 Author Share Posted April 2 On 4/1/2024 at 9:33 PM, itman said: Ping from the HA server again. Immediately thereafter open Eset GUI -> Network Protection. Refer to the section titled "Resolve blocked communication." The count shown should be a non-zero value. I tried, but there is no new entry in "Resolve blocked communication.", the value remain zero. Link to comment Share on other sites More sharing options...
itman 1,760 Posted April 2 Share Posted April 2 (edited) 1 hour ago, byxil said: I tried, but there is no new entry in "Resolve blocked communication.", the value remain zero. I guess we can assume that the Eset firewall is not blocking the inbound ping activity. You will have to go through Eset logs; Detections, Filtered web site, HIPS, and Network Protection to determine if any entries exist related to this ping activity. Edited April 2 by itman Link to comment Share on other sites More sharing options...
byxil 0 Posted April 3 Author Share Posted April 3 Thank you in the meantime for your support. I found it, if I turn off the network traffic scanner, the ping works. I can disable the option from Configuration > Advanced Configuration > Detection Engine > Network Traffic Scanner > "Enable Network Traffic Scanner" on/off switch. However, I don't have an option to modulate this choice, either I deactivate all traffic or enable everything, I would like to be able to only deactivate the ping control towards the address of my home automation server. Link to comment Share on other sites More sharing options...
itman 1,760 Posted April 3 Share Posted April 3 It's strange that Eset Network Traffic Scanner would block a ping from a device on a trusted network to another device on the same network. One possibility is Eset is monitoring for a ping flood attack: https://www.imperva.com/learn/ddos/ping-icmp-flood/ . In any case if this is a major issue for you, I would open a tech support request about it. Link to comment Share on other sites More sharing options...
Rigo 0 Posted April 5 Share Posted April 5 I am having the same exact issue. I also found that disabling "network traffic scanner" allows the ping to go through. I have 3 PC's using the same config. The 2 that are working correctly are on version 17.0.16.0, The one that is no longer working as intended is on 17.1.9.0. This definitely seems like a bug. If i manually disable all the features that "network traffic scanner" enables, I still can't ping. That option is doing more filtering behind the scenes that we don't know of. Link to comment Share on other sites More sharing options...
byxil 0 Posted April 5 Author Share Posted April 5 What is the procedure for opening a technical support request? I would like to exclude from network scanning that device that has a fixed IP on the LAN Thanks for your help Link to comment Share on other sites More sharing options...
itman 1,760 Posted April 5 Share Posted April 5 27 minutes ago, byxil said: I would like to exclude from network scanning that device that has a fixed IP on the LAN In current Eset versions, you can't set exclusions to Network Traffic Scanner. 28 minutes ago, byxil said: What is the procedure for opening a technical support request? Open Eset GUI -> Help and Support -> Technical Support. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted April 5 Administrators Share Posted April 5 The network traffic scanner doesn't affect network communication except HTTP(S), POP3(S) and IMAP(S). Ping sends an ICMP echo so it can be blocked only by network protection. Please carry on as follows: Enable advanced logging under Help and support -> Technical support Reproduce the issue Stop logging Collect logs with ESET Log Collector and upload the generated archive here. Link to comment Share on other sites More sharing options...
Rigo 0 Posted April 5 Share Posted April 5 I've attached my logs. I enabled advanced logs then replicated the issue as follows: - Ping w/ ESET running - No response - Disabled ESET firewall - No Response - Disabled network traffic scanner - Response! - Re-enabled ESET Firewall - Response! - Re-enabled network traffic scanner - No response Disabled logs and collected. eis_logs.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted April 5 Administrators Share Posted April 5 Does disabling only HTTP/3 make a difference? Does adding the subnet 192.168.50.0/24 to the Trusted zone make a difference? Rigo 1 Link to comment Share on other sites More sharing options...
Rigo 0 Posted April 5 Share Posted April 5 Disabling HTTP/3 traffic scanning worked! Thank you! I already had a network connection profile with the IP ranges needed so I didn't need to add an IP set but the first solution did the trick. Hopefully this works for OP as well. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted April 5 Administrators Share Posted April 5 3 minutes ago, Rigo said: I already had a network connection profile with the IP ranges needed so I didn't need to add an IP set but the first solution did the trick. Not really, I see that the activator for the private network profile are: Windows profile: Domain Windows provile: Private Hence I asked to add the subnet to the trusted zone explicitly. Link to comment Share on other sites More sharing options...
Solution Rigo 0 Posted April 5 Solution Share Posted April 5 (edited) With this profile. I am able to connect to my other devices. Is this a bad approach? Edited April 5 by Rigo Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted April 5 Administrators Share Posted April 5 I can't verify if the activators are valid on your machine, hence I've asked to put the subnet to the trusted zone explicitly at least while troubleshooting the issue. Rigo 1 Link to comment Share on other sites More sharing options...
byxil 0 Posted April 5 Author Share Posted April 5 44 minutes ago, Rigo said: With this profile. I am able to connect to my other devices. Is this a bad approach? It's work for me too Link to comment Share on other sites More sharing options...
byxil 0 Posted April 7 Author Share Posted April 7 No it doesn't work like that either, I've given up and to get the ping I need for my automations, I have to keep network traffic disabled. 😭 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted April 7 Administrators Share Posted April 7 6 minutes ago, byxil said: No it doesn't work like that either, I've given up and to get the ping I need for my automations, I have to keep network traffic disabled. Please provide logs collected with ESET Log Collector as per the instructions in my post above. Link to comment Share on other sites More sharing options...
Novea 0 Posted April 7 Share Posted April 7 Dear, I'm facing the same issue, disabling HTTP/3 is resolving the ping issue. Link to comment Share on other sites More sharing options...
Rigo 0 Posted April 8 Share Posted April 8 21 hours ago, byxil said: No it doesn't work like that either, I've given up and to get the ping I need for my automations, I have to keep network traffic disabled. 😭 Just to be clear, did you try disabling HTTP/3 traffic scanning? That was the solution for me and the other user here. Having the correct network connection profile alone is not enough. I only ask because you marked my post as the solution but Marcos' post is the actual solution. Link to comment Share on other sites More sharing options...
byxil 0 Posted April 8 Author Share Posted April 8 22 hours ago, Novea said: Dear, I'm facing the same issue, disabling HTTP/3 is resolving the ping issue. Please tell me how should I go about deactivating that protocol. Sorry but I'm not an expert and I looked a bit but I couldn't find where I should set this parameter. Thank you Link to comment Share on other sites More sharing options...
byxil 0 Posted April 8 Author Share Posted April 8 (edited) 8 hours ago, Rigo said: Just to be clear, did you try disabling HTTP/3 traffic scanning? That was the solution for me and the other user here. Having the correct network connection profile alone is not enough. I only ask because you marked my post as the solution but Marcos' post is the actual solution. Thanks to you too, I know your post wasn't the solution but I can't remove the flag anymore. For Marcos' solution, I haven't posted the log yet because he created a zip file of over 300 MB and let's, first see if the solution that Novea said works. Edited April 8 by byxil Link to comment Share on other sites More sharing options...
Recommended Posts