SolvedPrivate

Sophos Windows Firewall and TeamViewer

Posted on 2014-10-03
12
26 Views
Last Modified: 2016-02-25
What do I need to do to get this damn thing to work?  I'm having one hell of a time.  Works fine when I stop the service, but I'm unable to connect to it from my mobile, or any other device, when enabled.
0
Comment
Question by:BrianRB
  • 6
  • 5
12 Comments
 
LVL 2

Author Comment

by:BrianRB
ID: 40359843
FYI, I do have outbound stateful tcp 5938 enabled as well.  can browse the net just fine.

http://www.teamviewer.com/en/help/334-Which-ports-are-used-by-TeamViewer.aspx
0
 
LVL 62

Expert Comment

by:btan
ID: 40360941
hope it is not the application control policy blocking it
http://www.sophos.com/en-us/threat-center/threat-analyses/controlled-applications/TeamViewer.aspx

also good to chek the Firewall Live Log and Web Filtering Live Log, if they surface any error for TV. Saw another track stating to use various HTTP/HTTPS scanning mode.
https://www.astaro.org/gateway-products/network-protection-firewall-nat-qos-ips/23675-teamviewer-blocking-3.html
In "Transparent" modes, the Proxy handles only HTTP (and HTTPS if scanning is selected). That's why it can't manage Teamviewer unless HTTPS scanning is enabled.

In "Standard" modes, the proxy handles all of the services listed in 'Allowed target services' on the 'Advanced' tab. In these modes, your browser sends the unencrypted HTTPS URL to the Proxy, thus allowing it to do URL filtering as well as
0
 
LVL 23

Expert Comment

by:Dirk Kotte
ID: 40362402
i think BrianRB uses a local software at his PC/Server like Sophos Enpoint Security ...

check the logfile seen at the following link, or do you have this problem also:
http://community.sophos.com/sophos/board/crawl_message?board.id=ESDP&message.id=16644
0
 
LVL 62

Expert Comment

by:btan
ID: 40362745
useful tips
http://www.sophos.com/en-us/support/knowledgebase/63997.aspx
Creating rules

Run as many applications as possible, that you know are used on computers on your network including web browsers. Details of these applications are recorded in the firewall logs.
Create a set of rules to allow these applications and then create a policy based on these rules.
Export this policy to Enterprise Console. This will provide the foundation upon which you can build other policies.

Rolling out the policy

Set the policy to 'Monitor mode' and roll it out to one or more groups on the network. This will now send reports back to the firewall log. Based on what is reported in the firewall logs, you can then update your policy to block or allow specified traffic.
Once you have run this for a while and are satisfied that you have designed policies to suit your network, reset the firewall to Block by default. Once you have done this it will block all traffic that is not specified in your policies.
0
 
LVL 2

Author Comment

by:BrianRB
ID: 40367408
D, you are correct.  Sorry I've been incognito guys.  None of this worked.  :(
0
 
LVL 62

Expert Comment

by:btan
ID: 40367426
have to see check the Intrusion Prevention, Application Control and Firewall logs to determine what is blocking then...if FW is turn off, can it work - should be (trying to ascertain it is default working). in forum there is also to the extend of allowing country to get it working per se

https://www.astaro.org/gateway-products/network-protection-firewall-nat-qos-ips/47474-teamviewer-country-blocking.html

although this is pertaining to UTM, there is specific version in Sophos in itself having conflict and some get it working with some config below

https://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/48815-9-104-teamviewer-over-http-proxy-sometimes-not-working-2.html
Under Web filtering > Exceptions we have created the following new exception
Teamviewer [Allow Teamviewer Access]
Skipping: Authentication / Caching / Antivirus / Extension blocking / MIME type blocking / URL Filter / Content Removal / SSL scanning / Certificate Trust Check / Certificate Date Check
Matching these URLs: ^https?://([A-Za-z0-9.-]*\.)?teamviewer\.com/

Under firewall we have added a new rule called Teamviewer

Internet > TCP Port (Source: 1:65535) to (Destination: 5938) > Any IP4
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 2

Author Comment

by:BrianRB
ID: 40380888
Still nothing
0
 
LVL 62

Expert Comment

by:btan
ID: 40381282
Any error log in event viewer at the workstation, firewall log else this is wild goose chasing. even if sophos is blocking at machine then there should be some form of alert (via Application Control policy) too..
http://www.sophos.com/en-us/threat-center/threat-analyses/controlled-applications/TeamViewer.aspx
 ...also maybe disable Sophos and try windows firewall...same make sure the ports are open up ... after setting those rules try restart your PC. Make sure your changes in Windows Firewall are set for your current profile (Public, Home, Domain) Network.

Windows Firewall Profiles are related to Network Location Awareness (NLA). This allows you to apply a different set of Firewall rules depending on which network you are connected to. Please make sure that the profile you set is associated with the network you connected to.

Network Location Awareness (NLA) and how it relates to Windows Firewall Profiles
http://blogs.technet.com/b/networking/archive/2010/09/08/network-location-awareness-nla-and-how-it-relates-to-windows-firewall-profiles.aspx

Understanding Firewall Profiles
http://technet.microsoft.com/en-us/library/getting-started-wfas-firewall-profiles-ipsec(v=ws.10).aspx
0
 
LVL 2

Author Comment

by:BrianRB
ID: 40429093
Hey sorry I've been incognito.  Production has been crazy.  I went through everything you guys suggested and even what Sophos has on their site but still no joy.
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40429710
can sophos just set the teamviewer server as exception IP address  or similar, if this doesnt even works then something is really wrong...

https://www.sophos.com/en-us/support/knowledgebase/115692.aspx
0
 
LVL 2

Author Comment

by:BrianRB
ID: 40440952
yeah it doesn't work :(
0
 
LVL 62

Expert Comment

by:btan
ID: 40441629
looks like better to get the sophos FW uninstalled and confirm it can access and if so, reinstall using latest ver with default setting and try out and then enable the port as mentioned earlier and exception. if all remains, then switch the FW s/w since the support cannot better advice - too much subtle details not surfaced.
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
using a remote printer through an RDP session 6 50
Remote Desktop Freezes after a few seconds 17 72
JItbit AD intergration 4 76
RDP Connection Issues 12 67
Online collaboration can help businesses be more efficient, help employees grow their skills and foster a team environment.
Email signature management is something that is often overlooked in many organizations or is simply not implemented effectively. Let's take a look at what methods are available for managing this important piece of corporate branding.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now