gwkr57 0 Posted February 11, 2015 Share Posted February 11, 2015 I am currently on Endpoint Protection 5.0.2229.1 We are wanting to use Endpoint's built in URL filtering to block social media websites (per boss's request). I was able to set this up without problem, but noticed that users could still access sites via https. So I enabled the option the HTTPS filtering option. That worked as intended for web browsing. The unwanted side effective of this is that LogMeIn Rescue Technician Console will not connect to clients. (See Screen Shot). The web filter nor the firewall log doesn't show anything being blocked. I did a quick glance at the computer's event log, but didn't find anything that looked like what I was looking for. Need some direction on where to go from here. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted February 11, 2015 Administrators Share Posted February 11, 2015 Try the following: - switch HTTPS scanner to interactive mode (Ask about non-visited websites) - try to connect via LogMeIn - when prompted about the certificate, click Exclude to exclude the communication from scanning - switch HTTPS scanner to automatic mode (Always scan SSL protocol) and check the "Apply created exceptions based on certificates" box. Link to comment Share on other sites More sharing options...
gwkr57 0 Posted February 11, 2015 Author Share Posted February 11, 2015 Try the following: - switch HTTPS scanner to interactive mode (Ask about non-visited websites) - try to connect via LogMeIn - when prompted about the certificate, click Exclude to exclude the communication from scanning - switch HTTPS scanner to automatic mode (Always scan SSL protocol) and check the "Apply created exceptions based on certificates" box. That worked on a local machine. So I exported the Excluded certificates from ESET and imported them into RSA, into the excluded Certificates. Tried LogMeIn with these settings being applied from RSA, but original behavior showed up. I'm guessing it's because LMI uses different address and different certs for different connection. I currently have certs for app05-01.logmein.com, app05-10.logmein.com, app05-04.logmein.com, Is there anyway to exclude an entire domain from filtering? Link to comment Share on other sites More sharing options...
invisik 0 Posted February 20, 2015 Share Posted February 20, 2015 Hi, Can you add *.LogMeIn.com as an allowed URL? Or *.logmeinrescue.com or whatever? -m Link to comment Share on other sites More sharing options...
richardw1972 1 Posted August 10, 2015 Share Posted August 10, 2015 I'm having exactly the same issue. Anyone got any ideas? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted August 11, 2015 Administrators Share Posted August 11, 2015 I'm having exactly the same issue. Anyone got any ideas? A possible solution was offered in post #4: Can you add *.LogMeIn.com as an allowed URL? Or *.logmeinrescue.com or whatever? Link to comment Share on other sites More sharing options...
richardw1972 1 Posted August 11, 2015 Share Posted August 11, 2015 As far as I know, you can only whitelist URLs in web filtering. I'm talking about protocol filtering.. Link to comment Share on other sites More sharing options...
richardw1972 1 Posted August 18, 2015 Share Posted August 18, 2015 Guess that's it, then? No sensible way of ESET allowing my users to get support from a provider who uses LogMeIn Rescue. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted August 18, 2015 Administrators Share Posted August 18, 2015 As far as I know, you can only whitelist URLs in web filtering. I'm talking about protocol filtering.. Doesn't LogMeIn communicate via https ? Have you tried my suggestion ? Link to comment Share on other sites More sharing options...
richardw1972 1 Posted August 18, 2015 Share Posted August 18, 2015 Hi Marcos. Thank for the suggestion(s). Your first suggestion (exclude all the certificates): as gwkr57 suggests, there are a lot of certificates associated with LMI Rescue, so you're playing whack-a-mole. If you're working with a third party support desk, you'd need to tie down one of their support staff for a period of time and start repeated sessions until you were reasonably confident that you had excluded every possible certificate. They (quite understandably) don't see why they should spend the time fixing what is ultimately my problem, because I use ESET. So that doesn't seem a practical solution in my case. Second suggestion ("Can you add *.LogMeIn.com as an allowed URL? Or *.logmeinrescue.com or whatever?") - I know how to whitelist URLs in web filtering. But we're talking about protocol filtering here. That's two distinct things in ESET. In protocol filtering, you can either whitelist by IP address, or designate a specific program a web browser (which as far as I am aware, you can only do if you know the specific path of the executable. You can't know that with LMI Rescue because it runs in a temp folder.) Do you see what I mean? I really appreciate your help, but I don't see how to make it into a workable solution in my case. Link to comment Share on other sites More sharing options...
Recommended Posts