Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
FortiClient- An issue to be resolved
Message
<blockquote data-quote="ForgottenSeer 58943" data-source="post: 699079"><p>Have you configured any custom ports on Freedome?</p><p></p><p>Generally, IPSEC uses 500 for SAKMP (IKE Auth) and 4500 for ESP UDP Encap, so those shouldn't be blocked on FortiClient because Forticlient itself uses those for it's own VPN back to a Fortigate. Unless there is a non-standard or trojan'sque port Freedome is using? The anti-bot is pretty aggressive in it's blocking of common botnet ports/protocols so anything off of the standard would be vehemently blocked.</p><p></p><p>I will take a look when I get some time today. In the meantime try this workaround - re-install Forticlient but this time install the VPN aspect of it. That will by default, unblock common IPSEC/SSL VPN ports in the anti-botnet during the installation process because it auto-adds exclusions for those ports so the FortiClient VPN will work, in the process of that it should also unblock those ports for other VPN's. Then you can go into your network adapter section and disable the FortiClient virtual adapter. If that works let me know and I will report the bug. If it doesn't work, allow me a day to look into it.</p><p></p><p>There is an assumption that in a corporate/smb/enterprise environment you won't want your users installing VPN's and bypassing the local network security and validations. A logical assumption in a business deployment which is what this is actually designed for.</p><p></p><p>Also, there is a known bug (sort of bug for home users) with the web filtration on FortiClient where it can 'sometimes' block printers on your network using WSD to connect as opposed to static IP address assignments to printers. This wouldn't impact enterprise/corporation/smb users because they use print servers, shared printers and static assigned printers. So the workaround for that known issue (in home use) is to static your printers.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 58943, post: 699079"] Have you configured any custom ports on Freedome? Generally, IPSEC uses 500 for SAKMP (IKE Auth) and 4500 for ESP UDP Encap, so those shouldn't be blocked on FortiClient because Forticlient itself uses those for it's own VPN back to a Fortigate. Unless there is a non-standard or trojan'sque port Freedome is using? The anti-bot is pretty aggressive in it's blocking of common botnet ports/protocols so anything off of the standard would be vehemently blocked. I will take a look when I get some time today. In the meantime try this workaround - re-install Forticlient but this time install the VPN aspect of it. That will by default, unblock common IPSEC/SSL VPN ports in the anti-botnet during the installation process because it auto-adds exclusions for those ports so the FortiClient VPN will work, in the process of that it should also unblock those ports for other VPN's. Then you can go into your network adapter section and disable the FortiClient virtual adapter. If that works let me know and I will report the bug. If it doesn't work, allow me a day to look into it. There is an assumption that in a corporate/smb/enterprise environment you won't want your users installing VPN's and bypassing the local network security and validations. A logical assumption in a business deployment which is what this is actually designed for. Also, there is a known bug (sort of bug for home users) with the web filtration on FortiClient where it can 'sometimes' block printers on your network using WSD to connect as opposed to static IP address assignments to printers. This wouldn't impact enterprise/corporation/smb users because they use print servers, shared printers and static assigned printers. So the workaround for that known issue (in home use) is to static your printers. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
