Jump to content
patrfamilias

Remote Desktop blocked by MBEP

Recommended Posts

I'm having MBEP block RDP coming into a terminal server on a non-standard port.  I do have Behavior Protection disabled in the policy that applies to the group that this server is in, per this document.

I don't see any detections in the cloud console...  nothing in event logs except successful security audit logs...  not sure where to start looking for logs or exclusions.  Any help would be appreciated.

TIA

ciao

 

Share this post


Link to post
Share on other sites

Greetings,

It is possible that the Web Protection component is blocking the connection.  Please test by excluding the IP that is attempting to remote into the affected system, and if that fails, try temporarily disabling Web Protection entirely to see if that yields any better results.

Please let us know how it goes.

Thanks

Share this post


Link to post
Share on other sites

disabling web protection fixed it, but i'd like to turn that back on.  Is putting it back to the standard port my only option?  Can't just exclude a port, right?

Thanks!

Share this post


Link to post
Share on other sites

just out of curiosity, how would I find evidence that web protection is what was blocking my connection?  How would I have troubleshot that myself?

TIA!

Share this post


Link to post
Share on other sites

If it was an actual web block then there should be an entry in your protection logs showing that a connection attempt to a malicious website was blocked, however I suspect it may be due to an issue they recently fixed on the consumer side where some connections were being blocked due to a driver issue and if the latter is the case then there will be no logged detection/block entry.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.