Jump to content
Lord_LolzWorth

Malwarebytes Web Protection Blocking DNS Resolution of Internal Clients

Recommended Posts

Hello all,

I am trialing a VPN solution for my workplace. We are using the in built CISCO Meraki VPN Client Server to setup and maintain the VPN. 

The main goal of the VPN is to allow sales and technical staff access to network mapped resources back at HQ, and to allow the technicians to remotely enter customers sites. We setup all sites so that only our HQ IP address can access them remotely for security purposes. 

One of the key requirements of this VPN is to have FQDN (Fully Qualified Domain Name) resolve correctly both onsite and offsite of HQ. 

Onto the issue at hand. On clients not running Malwarebytes, I can successfully connect to the VPN, ping network resources by both their IP and FQDN, and map network drives. On my test laptop running Windows 10 and Malwarebytes 3, I cannot ping FQDN and as a result cannot map network drives. I can ping network resources via their IP, however this is not ideal due to possible IP changes in the near future then requiring that all client PC's have their network mappings updated. 

After some troubleshooting I was able to narrow the issue down to Malwarebytes by first disabling it and been able to successfully ping FQDN, and then further narrowed down to Web Protection by following the same process. I have tried adding an exclusion for the external IP of the VPN server but this has not helped. 

 

Details of the type of VPN used are below:

VPN Server: Cisco Meraki Firewall
Type: IPsec2 / Pre-shared Key
VPN Server using onsite nameserver as DNS.

 

We are currently investigating antivirus solutions to role out to our whole team and unfortunately this is painting a black spot on Malwarebytes as been the choosen solution. I have used Malwarebytes for years and hold it in high regard, hopefully this can be resolved with the communities help :)

 

Thanks,

Lord_LolzWorth

Share this post


Link to post
Share on other sites

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes 3 Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven't done so already, please run these two tools and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Farbar Recovery Scan Tool (FRST)
    1. Download FRST and save it to your desktop
      Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
    2. Double-click to run FRST and when the tool opens click "Yes" to the disclaimer
    3. Press the "Scan" button
    4. This will produce two files in the same location (directory) as FRST: FRST.txt and Addition.txt
      • Leave the log files in the current location, they will be automatically collected by mb-check once you complete the next set of instructions
  • MB-Check
    1. Download MB-Check and save to your desktop
    2. Double-click to run MB-Check and within a few second the command window will open, press "Enter" to accept the EULA then click "OK" 
    3. This will produce one log file on your desktop: mb-check-results.zip
      • This file will include the FRST logs generated from the previous set of instructions
      • Attach this file to your forum post by clicking on the "Drag files here to attach, or choose files..." or simply drag the file to the attachment area

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Share this post


Link to post
Share on other sites

Hello there,

I'm currently running in to the same issue using the premium trial (MB v3.4.4.2398, CP v1.0.322 and UP v1.0.4458).
Only way for me to have my VPN (L2TP/IPsec) working in combination with regular internet access is to disable real-time web protection.

As I'm using my own proxy-dns I suspect that being the issue, however I don't alter any public records.

Also local addresses are resolved without an issue.

Thanks for looking in to this matter,

Regards,
PW00X

Share this post


Link to post
Share on other sites

This issue is currently under investigation. Other customers using Cisco Meraki VPN have encountered the same issue and the cases are currently in the hands of our engineering dept. to be fixed. Consumer 3.4 does not fix it. We are awaiting a new build that will fix it.

Edited by djacobson

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.