This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoint Protection - Error while using AusweisApp2

Hello, 

We are having issues on our devices with the AusweisApp2 in conjunction with Sophos Endpoint Protection.
The AusweisApp2 is a German application for authenticating oneself on the Internet with one's identity card on government websites.
When the Endpoint Protection is active, we get the error message from the AusweisApp2 as shown in the screenshot below.


However, if we disable the "Web Control" and "Internet" settings on a device, the AusweisApp2 works and we do not get any error message.
We have already set for the application on the list of allowed applications. Unfortunately, this did not help. We also whitelisted the URL for verification with the provider. Also without success.

Unfortunately, my research in the support area as well as in the community area did not find anything about this problem.

Does it make sense to open a support case directly with Sophos?

I thank you in advance for all the answers.
With best regards
Lasse Spiegel



This thread was automatically locked due to age.
Parents Reply Children
  • Hello Kushal, 

    Thank you for your response.

    We aren't currently using the HTTPS decryptioon feature. It's not enabled for any Thread Protection rule. 

    I could indeed find entries where Sophos checked connections. They returned always page allowed and/or decision:continue.

    I'm going to raise a support ticket.

    Thank you for your support.

    Best regards, 

    Lasse Spiegel

  • Hallo Lasse,

    hast du eine Lösung vom Support erhalten?

    Wir haben das selbe Problem. HTTPS Scann ist bei uns auch nicht aktiv.

    Wenn ich im Sophos Client die "Web Control" und  "Echtzeit-Scans Internet" ausschalte, dann kann der Client die Verbindung aufbauen und die Daten werden vom Ausweis auf die Webseite übertragen.

    In der Logdatei "SophosNetFilter.log" wird die Seite auch erlaubt. Aber es funktioniert nur, wenn "Web Control" und  "Echtzeit-Scans Internet" aus sind.

    2022-11-03T15:06:37.260Z [18224:17124] I WebControl enabled by policy
    2022-11-03T15:06:37.260Z [18224:19200] I SNF has been successfully initialized
    022-11-03T15:06:58.680Z [18224: 4324] I [clienthello] connection:0x24a4c8d2b60 sni:www.fuehrungszeugnis.bund.de flowId:26995 decision:nodecrypt
    2022-11-03T15:06:58.681Z [18224:17124] I [request] connection: 0x24a4c8d2b60 url:www.fuehrungszeugnis.bund.de flowId:26995 decision:allowed riskLevel:2 universalCategory:18
    2022-11-03T15:06:58.681Z [18224:17124] I page allowed: www.fuehrungszeugnis.bund.de
    
    2022-11-03T15:06:58.685Z [18224: 4324] I [clienthello] connection:0x24a4be80230 sni:www.fuehrungszeugnis.bund.de flowId:26994 decision:nodecrypt
    2022-11-03T15:06:58.686Z [18224:17124] I [request] connection: 0x24a4be80230 url:www.fuehrungszeugnis.bund.de flowId:26994 decision:allowed riskLevel:2 universalCategory:18
    2022-11-03T15:06:58.686Z [18224:17124] I page allowed: www.fuehrungszeugnis.bund.de
    
    2022-11-03T15:06:58.847Z [18224:18544] I [webengine] New connection 0x24a4c8d2da0
    2022-11-03T15:06:58.848Z [18224:17124] I [check-ip] connection:0x24a4c8d2da0 ip:80.245.152.60 flowId:26998 decision:continue
    2022-11-03T15:06:58.849Z [18224:15504] I [clienthello] connection:0x24a4c8d2da0 sni:www.fuehrungszeugnis.bund.de flowId:26998 decision:nodecrypt
    2022-11-03T15:06:58.850Z [18224:17124] I [request] connection: 0x24a4c8d2da0 url:www.fuehrungszeugnis.bund.de flowId:26998 decision:allowed riskLevel:2 universalCategory:18
    2022-11-03T15:06:58.850Z [18224:17124] I page allowed: www.fuehrungszeugnis.bund.de
    
    2022-11-03T15:06:59.959Z [18224:18544] I [webengine] New connection 0x24a4c827b30
    2022-11-03T15:06:59.960Z [18224:17124] I [check-ip] connection:0x24a4c827b30 ip:127.0.0.1 flowId:26999 decision:continue
    2022-11-03T15:06:59.961Z [18224:19060] I [request] connection: 0x24a4c827b30 url:http://127.0.0.1/ flowId:26999 decision:allowed riskLevel: universalCategory:
    2022-11-03T15:06:59.989Z [18224:18544] I page allowed: http://127.0.0.1/
    2022-11-03T15:06:59.989Z [18224:17124] I [scan] connection:0x24a4c827b30 url:http://127.0.0.1/ flowId:26999 decision:allowed
    2022-11-03T15:06:59.990Z [18224:19064] I [webengine] Closing connection 0x24a4c827b30 for 'http://127.0.0.1/': request=515B, response=444B, lifetime=31ms, firstResponse=28ms, businessLogicDelay=0ms, timeInCache=3ms, in=29ms, out=29ms, r.eos=29ms
    
    2022-11-03T15:06:59.990Z [18224:18544] I [webengine] New connection 0x24a4be80b10
    2022-11-03T15:06:59.991Z [18224:17124] I [check-ip] connection:0x24a4be80b10 ip:127.0.0.1 flowId:27001 decision:continue
    2022-11-03T15:06:59.991Z [18224:17124] I [request] connection: 0x24a4be80b10 url:http://127.0.0.1/eID-Client?Status flowId:27001 decision:allowed riskLevel: universalCategory:
    2022-11-03T15:06:59.997Z [18224:18544] I page allowed: http://127.0.0.1/eID-Client?Status
    2022-11-03T15:06:59.997Z [18224:17124] I [scan] connection:0x24a4be80b10 url:http://127.0.0.1/eID-Client?Status flowId:27001 decision:allowed
    2022-11-03T15:06:59.999Z [18224:19064] I [webengine] Closing connection 0x24a4be80b10 for 'http://127.0.0.1/eID-Client?Status': request=560B, response=444B, lifetime=8ms, firstResponse=5ms, businessLogicDelay=0ms, timeInCache=0ms, in=6ms, out=6ms, r.eos=6ms
    
    2022-11-03T15:07:00.262Z [18224:18544] I [webengine] New connection 0x24a4be80990
    2022-11-03T15:07:00.263Z [18224:17124] I [request] connection: 0x24a4be80990 url:http://127.0.0.1/eID-Client?tcTokenURL=https%3A%2F%2Fwww.fuehrungszeugnis.bund.de%2Fffw%2Fgovernikus-autent%2Ftoken%2F_3a75ca81-348d-4da8-bebc-6135c28f88df%3Bjsessionid%3DB9540C8958D1D96F8A9C45D47101111C.nodevlp25252-03 flowId:27003 decision:allowed riskLevel: universalCategory:
    2022-11-03T15:07:00.263Z [18224:17124] I [check-ip] connection:0x24a4be80990 ip:127.0.0.1 flowId:27003 decision:continue
    2022-11-03T15:07:01.308Z [18224:18544] I page allowed: http://127.0.0.1/eID-Client?tcTokenURL=https%3A%2F%2Fwww.fuehrungszeugnis.bund.de%2Fffw%2Fgovernikus-autent%2Ftoken%2F_3a75ca81-348d-4da8-bebc-6135c28f88df%3Bjsessionid%3DB9540C8958D1D96F8A9C45D47101111C.nodevlp25252-03

  • Moin Terry, 

    wir haben vom Sophos Support die Lösung bekommen.

    Unter "Globale Einstellungen -> Globale Ausschlüsse" muss 127.0.0.1 als Website ausgeschlossen werden. Dann funktioniert die Ausweisapp ohne Einschränkungen. Weitere Richtlinien waren bei uns nicht notwendig.

  • Danke für die Antwort und Lösung.
    Es funktioniert jetzt auch bei uns.Thumbsup

  • Perfekt .. damit klappt es bei uns auch wieder