
scanning feature locked

Piassa Posts: 23 Security Scout

Hello, I have the following scenario:

A multi-functional networked printer: everyone can send prints normally, but cannot scan or change the scanning preferences.

If you disable the firewall in the F-Secure client, the procedure works normally, but if you leave it enabled there is no communication.

No error, warning or blocking is generated in the console!
On the local machine, in the file action.log, no access denied ("deny") entry appears at any time. Below is a piece of the log where all accesses made by the printer are being accepted ("allow").

 

----------------------------------------------------------------------------------------------------


2014-09-05T10:29:43-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:45-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000

2014-09-05T10:29:54-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:55-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:55-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:55-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,80
2014-09-05T10:29:56-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:57-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:57-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,80
2014-09-05T10:29:57-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:58-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:58-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,listen,6,192.168.1.49,54767
2014-09-05T10:29:58-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,80
2014-09-05T10:30:03-03:00,info,appl control,C:\PROGRA~2\LEXMAR~1\LMADVL~1.EXE,allow,connect out,0,192.168.1.131,0

2014-09-05T10:30:45-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,80

--------------------------------------------------------------------------------------------

 

Below are the ports and functions listed by the software, although I did test rules freeing all of them without success.

-------------------------------------------

TCP 21 (FTP)
UDP 69 (TFTP)
TCP 79 (FINGER)
TCP 80 (HTTP)
TCP 443 (HTTPS)
UDP 137 (WINS)
UDP 161 (SNMP)
UDP 162 (SNMP trap)
TCP 515 (LPR/LPD)
TCP 631 (IPP)
TCP 5000 (XML)
TCP 5001 (IPDS)
UDP 5353 (MDNS)
TCP 6110/UDP 6100/TCP 6100
TCP 8000 (HTTP)
Raw Print
TCP 9200 (Human intervention alerts)
UDP 9200 (Discovery)
UDP 9300/UDP 9301/UDP 9302 (NPAP)
TCP 9400 (Advanced print port)
TCP 9500/TCP 9501 (NPAP)
TCP 9600 (IPDS)
UDP 9700 (Plug-n-Print)
ThinPrint
TCP 65002 (WSD print service)
TCP 65004 (WSD scan service)

-----------------------------------------------------------

 

The firewall configuration is set to the default OFFICE LAN.

 

Is there another place where the logs can be analyzed? Does anyone have any idea how to release this function?

 

 

thanks!

 

Marlon Piassa
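
An added example, not part of the original post: a Python sketch that parses lines in the layout quoted above, tallies them per action, direction and port, and lists listening ports that show no other entry in the log. The column names and the rule that an accepted inbound connection would appear as a non-listen row on the same port are assumptions; the sample is four lines copied from the post plus one constructed malformed line.

```python
import csv
from collections import Counter

# Sample input: four lines copied from the post, plus one constructed malformed line.
SAMPLE = r"""2014-09-05T10:29:55-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,5000
2014-09-05T10:29:55-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,connect out,6,192.168.1.131,80
2014-09-05T10:29:58-03:00,info,appl control,C:\Program Files (x86)\Lexmark MX310 Series\LMADVlscn.exe,allow,listen,6,192.168.1.49,54767
2014-09-05T10:30:03-03:00,info,appl control,C:\PROGRA~2\LEXMAR~1\LMADVL~1.EXE,allow,connect out,0,192.168.1.131,0
truncated,line
"""

# Column names are assumptions inferred from the quoted lines.
FIELDS = ("time", "level", "module", "program", "action",
          "direction", "protocol", "address", "port")

def parse(text):
    """Return one dict per well-formed line; skip anything else."""
    rows = []
    for rec in csv.reader(text.splitlines()):
        if len(rec) != len(FIELDS) or not (rec[6].isdigit() and rec[8].isdigit()):
            continue
        row = dict(zip(FIELDS, rec))
        row["protocol"], row["port"] = int(rec[6]), int(rec[8])
        rows.append(row)
    return rows

def summarize(rows):
    """Count entries per (action, direction, protocol, address, port)."""
    return Counter((r["action"], r["direction"], r["protocol"],
                    r["address"], r["port"]) for r in rows)

def denied(rows):
    """Rows whose action is anything other than 'allow'."""
    return [r for r in rows if r["action"] != "allow"]

def listens_without_traffic(rows):
    """Listening (address, port) pairs with no other entry on that port.
    Assumption: an accepted inbound connection would be logged as a
    non-listen row carrying the same local port."""
    active = {r["port"] for r in rows if r["direction"] != "listen"}
    return sorted({(r["address"], r["port"]) for r in rows
                   if r["direction"] == "listen" and r["port"] not in active})

if __name__ == "__main__":
    rows = parse(SAMPLE)
    for key, n in summarize(rows).most_common():
        print(n, *key)
    print("denied:", len(denied(rows)))
    print("listen, no other entry:", listens_without_traffic(rows))
```

Every row in this log carries the module name `appl control`, so an empty deny list here says nothing about packets dropped elsewhere in the firewall.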

Comments

  • Vad
    Vad Posts: 1,069 Cybercrime Crusader

    Hello Marlon Piassa,

     

    You have F-Secure Client Security in use, right? What version do you have? 11.60?

    To investigate the issue you can try to check the packet log. In the Settings GUI window open "Network connections" -> "Logging", adjust the "Logging time" and "Max log file size" parameters, start logging and reproduce the issue. After that, stop logging and view the details. Sort the packages by the "Drop (dir)" column, and check all dropped packages. Add firewall rules to allow them in the future, if needed.

    If you don't have any dropped packages, and the issue is still reproduced, please contact support.

     

    Best regards,

    Vad

  • Piassa
    Piassa Posts: 23 Security Scout

     Vad,

     

    This setting was made, but it does not find any dropped file. Or am I not looking at the correct log?


    The product version is 11.60.


    The file I am checking is the "action" file that is in the folder C:\, configured the same way in the log settings.

This discussion has been closed.
