logo
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
jeffshead  
#1 Posted : Friday, October 5, 2018 5:49:01 AM(UTC)
jeffshead


Rank: Member

Joined: 10/22/2015(UTC)
Posts: 29
United States

Thanks: 1 times
Has anyone learned that their self-hosted, CWC site is being blocked by web-filtering solutions? I learned that Fortinet Endpoint and the Web@Work (MobileIron) browser are both blocking my site. I found this out when I had a user try to access my CWC site. I finally figured out that the reason he could not connect from his company laptop was because his company deployed Fortinet Endpoint and the admin apparently enabled a filtering category that blocks remote access sites. I ran into the same thing when I tested with another person's company cell phone (different company and different web filtering solution).

My CWC site is non-existent in search results and there is nothing malicious about it. I'm not sure but I doubt that they scour the Internet and keep a database of categorized URL's.

So my question is: How do these web filtering solutions know a site offers remote access? Are there any triggers/identifiers that can be removed?

Edited by user Friday, October 5, 2018 5:57:05 AM(UTC)  | Reason: Not specified

georg.leitner  
#2 Posted : Monday, October 8, 2018 9:37:43 AM(UTC)
georg.leitner


Rank: Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 2/3/2015(UTC)
Posts: 37
Austria

Thanks: 1 times
Was thanked: 5 time(s) in 5 post(s)
Firewall / Endpoints could identify CWC by looking into the packets like all modern Firewalls can (Application FW) and not only by IP / Ports.
jeffshead  
#3 Posted : Monday, October 8, 2018 12:44:40 PM(UTC)
jeffshead


Rank: Member

Joined: 10/22/2015(UTC)
Posts: 29
United States

Thanks: 1 times
Originally Posted by: georg.leitner Go to Quoted Post
Firewall / Endpoints could identify CWC by looking into the packets like all modern Firewalls can (Application FW) and not only by IP / Ports.

Thanks for the info!

The users can't even load the login page, before a session is created/started. Also, I have a sub domain that cannot be loaded, either. Seems they are actually blocking the domain but I can't imagine why since the domain is virtually unknown and benign. I think something else is triggering the block. I have another domain, different VPS, same IP block, that is not blocked???

georg.leitner  
#4 Posted : Tuesday, October 9, 2018 6:24:06 AM(UTC)
georg.leitner


Rank: Member

Medals: Level 1: Random Act of Kindness! Received One Thanks!

Joined: 2/3/2015(UTC)
Posts: 37
Austria

Thanks: 1 times
Was thanked: 5 time(s) in 5 post(s)
easiest way would be to get in contact with the admin of the other side to check why it is blocked.
Scott  
#5 Posted : Tuesday, October 9, 2018 12:43:15 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,764
United States

Thanks: 3 times
Was thanked: 338 time(s) in 292 post(s)
Just to clarify, however, while modern firewalls often do Deep Packet Inspections (DPI) of network traffic, since the traffic going across the relay within ConnectWise Control is encrypted they cannot tell much. We do occasionally see some firewalls that perform this DPI scan expecting to see HTTPS-traffic and it can cause connection problems since our traffic is not typical HTTPS encrypted data.

I agree with @georg.leitner, however. The easiest path forward is likely to contact the Vendor or Administrator (whichever's applicable) to determine why the traffic is being blocked. If it's a large enough vendor then typically our Product Management team will reach out to see if the problem can be resolved.
ScreenConnect Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.