This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Nvidia Experience - Driver Download Problem

I have recently started using the Web Filter and while I have been able to resolve most issues with services being blocked, I can't figure out an issue with Nvidia Experience. Basically, Nvidia Experience is a program that optimizes games for the installed Nvidia graphic card. However, it also updates the driver software. Now, I found that when I am using Web Filtering, the software is still downloading any driver upgrades, but once it hits 100%, it simply resets and wants to download the driver again. So, I am guessing that Web Filtering is somehow preventing Nvidia Experience from completing the download.

Here is what I have done so far:

1. Checked that it works when Web Filtering is disabled.

2. Checked Intrusion Prevention and found nothing.

3. Checked the Web Filtering log and found nothing.

 

I am guessing that I need an exception rule and so I have started creating one that excludes all *.nvidia.com URLs, but that didn't resolve the problem.

Did anybody have any luck fixing this problem?

Thank you!



This thread was automatically locked due to age.
  • Jens, you said you "Checked the Web Filtering log and found nothing."  Could you show us several of the "pass" lines where this access wasn't blocked?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    That's the problem. I don't see anything in the log. I neither see a "pass" nor a "block" in the real time log.

    I only know that when I turn off web filtering, Nvidia Experience works just fine.

    Cheers,

    Jens

  • OK, Jens, this would indicate that nVidia is using another site.  Open the Web Filtering Live Log and try the access - I bet that shows activity that would be interesting to see.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    I am sorry, but I meant the live log when I said real time log in my previous reply.

    Basically, the live log is not showing anything. It neither shows blocked nor unblocked log entries for Nvidia. The log seems to work fine since it is showing entries for other software solutions.

    That said, I am pretty sure that your assessment that it is using another site is correct. I just don't know how to find it without the live log telling me.

    Cheers,

    Jens

  • I had the same issue. I was able to resolve it by:

    1. Manually updating to the latest version of GeForce Experience (I don't think this had any impact on the overall solution, though)
    2. Created a Web Filtering rule which skips Caching and Extension Blocking, when matching the following URLs:
      1. ^http://international-gfe.download.nvidia.com/
      2. ^http?://([A-Za-z0-9.-]*\.)?nvidia\.com/

    My regex isn't very good, so it's quite possible that the second URL makes the first one redundant.  I'll investigate that at a later stage.

    I had those two URLs in a Web Filtering rule earlier as well, but the rule was only set to skip Extension Blocking.  Adding Caching to the rule seems to be the change which fixed the issue.

    Once that rule was in place, I was able to download the latest driver within GeForce Experience and install it.

    Cheers,

    James

  • Hi, James, and welcome to the UTM Community!

    You're correct that your second REGEX makes the first redundant.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Jens,

    "Basically, the live log is not showing anything. It neither shows blocked nor unblocked log entries for Nvidia"

    Hmmm, only a few possibilities:

    • nVidia is in an Exception that disables logging for it.
    • nVidia is in a Skiplist on the 'Misc' tab, so accesses are going via a firewall rule.
    • nVidia accesses are going via a firewall rule instead of Web Filtering and you need a Masquerading rule.
    • nVidia accesses are being blocked by a firewall rule.

    To eliminate the final possibility, watch the Firewall Live Log when attemting the nVidia access.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I went back through my configuration and found an issue with my RegEx rule. I believe the rule listed in James' post above should work.

    Now, I just need to wait on the next Nvidia update to confirm.

    Thank you to both of you! I believe the problem is solved. Will report back if it doesn't work.

  • Just to add that I had to skip:

    • Block by download size
    • Antivirus
    • MIME type blocking

     

    And then it worked.

     

    Jaime

  • This does not seem to be needed anymore (at least not on XG which I assume should be same concept in terms of web filtering). I don't have any exceptions defined for nvidia and GeForce experience downloads and updates drivers just fine

    Also, as a side note, in the second regexp the http? would not accomplish what was intended: "?" means previous token (which is "p") is optional. So I guess it should have been "https?"

    Which also indicates that it wasn't needed in the first place for https in this case.