4 Replies Latest reply on Sep 1, 2015 3:29 AM by pedro.tavares

    Teamviewer 10 - Not activating

    pedro.tavares

      Hi community members.

       

      I'm installing an NGFW 325 version 5.9 cluster (two nodes with CVI on ISP interface and internal network). Maybe this should be a easy task to do but I'm having issues with Teamviewer 10 and I can't figure them out. No matter if I create a rule with teamviewer application or with the service (tcp/udp 5938), it just can't connect. The error is in the below image.

       

       

      My logs shows the following:

       

      And those are the rules I'm working with. As you can see, the event in log match the rule with tcp/udp 5938

       

       

      Any thoughts?

       

      Kind regards,

       

      Pedro Tavares

        • 1. Re: Teamviewer 10 - Not activating
          thyvarin

          Hi,

           

          Based on the screenshot of log entries it's not possible to say what could be the problem as it just shows few connections to port 5938 opened and closed. Perhaps TeamViewer also tries opening some other connections that are not allowed. Anyway only way to better analyze and understand the problem would be to collect traffic captures on NGFW internal and external interface while you TeamViewer connection is attempted and fails. Based on the captures you can see what traffic is created and how those connections work, and you can then also relate that to log entries.

           

          Also if you have active support, you might wish to open Service Request for this.

           

          BR,

          Tero

          • 2. Re: Teamviewer 10 - Not activating
            pedro.tavares

            Hi thyvarian,

             

            I've opened a service request. I'll place the results here as soon I got them.

             

            Regarding Teamviewer communications, I've the following theory. If there is an application that detects teamviewer traffic, we shouldn't worry about ports and protocols. Anyway, Tamviewer application have the following ports: 80, 443 and 5938. Also traffic hits the correct rule at Outbound (leaving FW). I can't detect any problem at inbound (if is another flow).

             

            Anyway, thank you very much for your input.

             

            Best regards.

             

            Pedro

            • 3. Re: Teamviewer 10 - Not activating
              mcoy

              Hi Pedro,

               

              I've got the same problem. After small investigation I found the reason - file filtering policy. If policy was setup to filter "all" services some type of traffic was blocked. I've changed my policy to filter only "supported" protocols - http,ftp and now it works.

               

              Regards,

              mcoy

              • 4. Re: Teamviewer 10 - Not activating
                pedro.tavares

                Hi Mcoy,

                 

                I'll give a try and return with the results.

                I also have an open incident with support and I'm waiting their feedback.

                 

                Best regards,

                 

                Pedro Tavares