Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 1 reply
  • Subscribers 40 subscribers
  • Views 13916 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to allow (or block) AnyDesk when using TLS Scanning

JasP

The problem with AnyDesk is that TLS scanning doesn't work with the connection made to their relay servers (which join the client to the host), so the connection fails.

Exempting URL's doesn't work because the connection is made by IP, not URL. There is a 3 year old post (https://community.sophos.com/xg-firewall/f/discussions/101061/anydesk-not-working) that suggests utilising the Category 'IP address' as a basis for exemption. I think this is a poor solution as it will then allow any direct IP connection, not just the AnyDesk ones.

AnyDesk don't publish a list of their relay servers (presumably because they change over time) but they do have URLs (they just don't use the URL to make the connection). They are all of the format *.net.anydesk.com, e.g. relay-5f045e20.net.anydesk.com

Using a site to retrieve all the A records (I used https://hackertarget.com/find-dns-host-records/) I got a list of all the relay servers, 387 currently, I then put this in an IP list and used that list to exclude the IPs from TLS inspection and AnyDesk works with no issues.

For those wishing to block AnyDesk, you can use this information to build a block list, although, if you are using TLS scanning, AnyDesk doesn't currently work anyway! Maybe Sophos will fix this in a future release (I'm currently using 18.0.3 MR-3).

The list of relay servers will probably change over time, in which case you can use this info to create a new list or just add any new IPs as they crop up (you should be able to find them in the 'SSL/TLS inspection' part of the log viewer).

For those too lazy Stuck out tongue to build their own list, the current list is:

192.155.106.69
46.4.105.230
177.54.145.75
136.243.81.155
178.128.83.14
216.245.193.50
104.243.41.211
5.188.148.22
186.233.185.73
103.107.198.70
186.233.185.64
92.38.148.19
82.223.101.124
5.188.148.13
49.12.130.236
178.162.151.213
138.201.130.101
95.217.197.184
37.61.218.225
136.243.71.27
116.202.225.117
51.81.245.48
92.38.150.63
199.127.62.145
209.222.97.48
92.223.66.68
46.4.101.81
134.119.220.101
139.99.68.207
82.223.102.174
5.188.71.118
178.162.151.212
178.128.118.254
208.115.237.254
116.202.172.152
216.144.253.178
139.99.69.89
92.223.66.67
177.54.145.77
116.202.162.91
5.188.148.26
51.91.80.122
139.99.121.132
51.195.5.158
51.178.91.234
82.223.39.162
85.195.83.105
51.178.65.177
92.38.150.24
51.178.65.228
51.83.239.144
51.89.98.178
92.38.148.17
51.89.6.202
177.54.150.126
139.99.122.45
186.233.185.71
51.83.238.200
136.243.77.37
146.0.234.85
51.89.98.179
116.202.114.37
64.31.33.218
51.178.91.237
38.39.192.6
92.38.150.23
88.99.1.27
88.198.34.103
177.54.145.44
38.39.192.10
207.188.6.19
162.254.201.201
82.223.120.52
92.223.88.232
176.9.92.22
192.155.106.115
138.201.7.158
51.83.238.221
139.99.69.87
62.75.235.180
178.128.116.60
144.76.103.21
146.185.219.17
92.38.150.61
92.223.66.38
51.83.238.213
151.106.5.211
134.119.216.185
92.38.150.66
51.83.238.241
51.178.91.233
5.188.71.55
136.243.44.15
172.105.219.53
51.89.98.181
104.238.148.200
51.91.80.124
51.83.239.145
146.185.219.33
136.243.137.2
92.223.85.103
177.54.155.15
192.155.106.225
136.243.135.166
51.91.80.119
199.127.60.83
49.12.130.235
92.223.66.75
192.155.108.5
92.42.108.153
189.1.174.48
213.198.67.114
92.223.66.31
103.107.198.54
92.223.88.41
78.46.49.23
134.119.216.245
92.38.150.67
189.1.174.39
216.245.219.66
213.239.219.11
92.223.85.102
92.38.177.11
145.239.1.122
167.99.75.56
92.38.150.71
138.201.217.169
177.54.155.18
167.99.76.132
92.38.150.70
186.233.185.76
138.201.29.112
51.178.65.229
185.19.219.127
5.188.120.11
216.245.218.30
172.104.112.178
46.4.233.44
148.251.127.85
92.38.150.65
51.83.239.142
186.233.185.74
172.104.93.149
136.243.57.19
139.99.122.30
51.83.238.211
51.89.67.18
172.107.217.106
103.107.198.42
51.83.238.210
186.233.185.60
139.99.123.27
51.83.238.202
172.104.71.53
51.89.67.16
136.243.59.28
92.223.66.34
138.201.7.157
45.76.222.77
5.188.148.25
177.54.145.34
51.178.65.231
5.9.112.244
116.202.208.24
64.31.23.30
51.89.64.182
54.36.108.137
92.38.150.73
5.188.120.14
178.128.116.81
167.179.71.125
51.195.5.159
51.68.153.120
217.182.199.175
136.243.56.154
5.188.148.21
186.233.185.65
51.83.239.73
69.162.111.202
148.251.77.80
103.107.198.62
92.223.66.72
178.128.86.15
51.195.5.156
116.202.229.59
38.39.192.14
37.61.223.15
139.162.123.221
92.223.85.104
192.155.106.71
82.223.30.238
116.202.225.124
116.202.225.122
51.68.153.119
195.201.82.113
51.195.5.157
64.31.23.22
139.99.69.88
167.179.86.175
185.209.178.72
51.89.42.214
92.38.177.14
92.223.66.69
5.188.148.12
92.38.150.22
202.182.119.71
176.9.98.56
199.127.62.156
51.178.91.235
199.127.60.136
202.182.100.173
136.243.132.27
177.54.145.74
178.128.86.132
146.185.219.86
199.127.60.241
103.107.198.66
51.91.80.48
45.35.72.2
92.38.150.76
88.99.99.121
88.99.214.67
186.233.187.20
51.91.80.120
189.1.174.38
136.243.74.99
46.4.101.74
85.195.107.61
5.188.120.15
64.31.35.26
103.43.75.140
207.188.6.17
189.1.174.43
177.54.145.80
167.179.65.23
64.31.23.26
64.31.35.194
92.223.66.71
51.89.42.215
92.223.66.73
185.136.166.135
146.185.219.14
185.136.157.95
92.223.66.78
189.1.174.47
177.54.145.72
92.223.85.147
206.189.47.231
51.83.238.220
74.63.224.34
5.188.95.14
92.223.85.87
146.185.219.89
92.223.85.148
51.83.238.218
88.198.34.109
199.127.60.120
54.36.108.171
51.83.238.209
92.223.85.165
192.155.106.221
45.126.208.85
144.76.78.144
189.1.174.46
103.1.213.62
146.185.236.42
198.13.49.12
92.223.66.77
217.182.199.184
116.202.225.111
82.223.102.22
51.91.80.121
85.195.124.5
92.38.150.72
177.54.150.13
92.223.85.164
148.251.69.85
64.31.35.242
108.61.182.228
177.54.145.78
103.107.198.26
51.178.65.230
199.127.60.121
51.89.67.17
45.76.123.16
172.104.108.83
146.185.219.46
85.195.107.63
107.155.105.90
136.243.39.33
92.223.88.7
103.107.198.18
189.1.174.45
136.243.46.247
186.233.185.58
95.217.197.179
92.223.66.66
64.31.35.22
51.195.5.155
167.179.98.127
185.136.157.77
186.233.185.40
172.105.236.156
136.243.56.13
92.38.150.75
185.209.179.55
5.188.120.13
192.155.108.7
208.115.215.134
148.251.66.236
116.202.216.243
108.160.143.219
51.83.238.212
177.54.145.71
186.233.185.70
177.54.145.37
139.162.89.248
92.38.177.17
146.185.219.70
136.243.61.14
45.76.220.248
46.4.112.232
177.54.145.36
82.223.9.59
92.223.66.70
177.54.145.79
92.38.150.69
92.223.85.166
213.198.67.42
62.75.202.219
134.119.216.159
85.25.103.30
177.54.145.38
92.38.150.68
139.162.106.85
177.54.145.82
51.83.238.201
82.223.103.159
37.61.223.13
103.107.198.6
134.119.213.193
51.195.5.160
216.245.220.126
139.162.124.109
198.13.33.92
136.243.71.104
92.223.66.33
51.178.65.178
146.185.219.44
177.54.145.76
5.188.71.117
51.83.238.219
172.105.220.182
136.243.48.30
69.162.91.190
186.233.185.37
216.245.195.98
177.54.150.16
5.188.71.10
82.223.102.211
172.104.87.76
172.107.217.82
216.245.220.122
213.198.67.162
213.239.213.142
92.223.66.29
103.107.198.50
116.202.162.14
136.243.50.29
45.35.33.218
177.54.145.81
198.13.54.215
37.48.76.146
192.155.110.41
103.107.198.46
186.233.185.67
49.12.130.237
116.202.225.112
167.99.73.168
51.89.64.145
138.201.40.141
177.54.150.12
51.83.239.143
92.223.66.79
64.31.23.18
92.38.150.9
136.243.4.12



This thread was automatically locked due to age.
Unfiltered HTML