@import "/themes/withsecure/design/coveo/CoveoFullSearch.min.css"; @import "/themes/withsecure/design/headerfooter.css"; header .container, .top-header {display:flex; width: 100%;padding: 0;flex-direction: row;justify-content: space-between;} a#searchboxtoggle[data-toggle="collapse"] #displaysearch:before {content: "\f220";font-family: fsg-icon;font-size: 26px;color: #red;font-style:normal} a#searchboxtoggle[data-toggle="expand"] #displaysearch:before {content: "\f130";font-family: fsg-icon;font-size: 26px;color: #fff;font-style:normal} .header-searchbox {position: absolute;margin: 0;z-index: 30;width: 0;overflow: hidden;right: 30px;height: 53px; transition: .6s ease-in-out;} @media screen and (max-width: 370px){ .header-searchbox.expand {width: 300px;} } @media screen and (min-width:371px) and (max-width: 700px){ .header-searchbox.expand {width: 450px;} } @media screen and (min-width:701px) and (max-width: 991px){ .header-searchbox.expand {width: 450px;} } @media screen and (max-width: 991px){ a.Header-logo svg {margin-top:8px} .header-coveosearch { margin:auto;width: 60px;position: absolute;right: 0;height: 64px;} .header-searchbox {width: 0;overflow:hidden} .header-searchcontainer {position:absolute;margin:auto;top: 0;width: 60px;height: 62px;text-align: center;} .header-searchcontainer {padding-top: 6px;} .header-searchbox {position: absolute;margin: 0;z-index: 30;width: 0;overflow: hidden;right: 60px;top:0;height: 63px;} .bottom-header.display {width:100%} .searchPage .Hamburger {right:9px!important;left:unset!important} .searchPage .Hamburger-border {right:0!important;} } @media screen and (min-width: 992px){ header .row:nth-child(1) {position:absolute; top:0;height:52px} .bottom-header {margin-top:60px} .header-top-links {margin-left:auto} .header-searchcontainer {float:unset; margin:unset} .header-coveosearch {margin-top:8px;margin-right:30px;width: 10px;} .header-searchbox {top: -9px;} .header-searchbox.expand {width: 500px; min-height:200px} .searchboxtoggle {margin-top:0} .searchboxtoggle:hover {cursor:pointer} .searchboxtoggle:hover #displaysearch:before, .header-searchcontainer.expand .searchboxtoggle:hover #displaysearch:before {color: #c6ceff} .helpforum-dropdown:hover, .supportarticles-dropdown:hover {cursor: default;} .helpforum-dropdown a:hover {cursor: pointer;} .helpforum-dropdown a, .supportarticles-dropdown p {width: fit-content} .header-top-link.active::after, .header-top-link:hover::after {top:-5px} .helpforum-dropdown.active::after, .supportarticles-dropdown.active::after, .dropdowns > li:hover::after {top:7px} } @media screen and (min-width: 992px) and (orientation:landscape) { .top-header {width:98%;} } .btn { min-width: 100px; } .btn-inverse { color: #fff; border-color: #fff; background-color: #00000000; border-width: 1px; } .btn { display: inline-block; margin-bottom: 0; font-weight: 600; text-align: center; vertical-align: middle; touch-action: manipulation; cursor: pointer; background-image: none; border: 1px #00000000; line-height: .71; border-radius: 4px; -webkit-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none; font-size: 14px; padding: 14px 15px; min-width: 114px; text-decoration: none; } .btn-lg, .btn { -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; } .btn { text-rendering: optimizeLegibility; -ms-font-feature-settings: "liga" 1,"kern" 1; font-feature-settings: "liga" 1,"kern" 1; font-variant-ligatures: normal; font-kerning: normal; } a { text-decoration: underline; } .cmp_footer { font-family: Archivo-Light; color: #bec3c8; font-size: 14px; font-weight: 300; line-height: 1.6em; letter-spacing: .03em; background-color: #001423; color: #fff; padding: 3em 0 2em 0; text-align: center; } @media (min-width: 992px) .cmp_footer__newsletter { grid-area: newsletter; margin-top: 2.5em; } .cmp_footer { font-family: Archivo; color: #bec3c8; font-size: 14px; font-weight: 300; line-height: 1.6em; letter-spacing: .03em; background-color: #001423; color: #fff; padding: 3em 0 2em 0; text-align: center; } .btn.btn-inverse.btn-outline { border: 1px solid #fff; }

Community

Troubleshooting WithSecure Elements Endpoint Protection

How to create a custom F-Secure Elements Endpoint Protection profile to allow VPN traffic through the firewall? Which ports to open?

Issue:

After installing Elements Agent (EPP for Computers or for Servers), VPN connection stopped working and is blocked by the firewall feature.
How to create a custom Elements Endpoint Protection profile to allow the VPN connection?
Which ports need to be opened to allow PPTP, L2TP and IPSec VPN connection through the firewall?

Resolution:

In this case you have to start by creating a custom profile which can be edited.

Creating a custom profile:

Log in to the Endpoint Protection Portal
Go to the Profiles page
Select the circular symbol with three dots in the middle next to the profile you want to clone
Press on clone profile
Enter a name and label of the new custom profile

After creating a custom profile, you can start creating new firewall rules.

Creating a new VPN firewall rule:

Select the profile you want to use
Select Firewall
Go to Firewall rules and select add rule
Enter a name and description of the rule, e.g Allow VPN

The ports and protocols that need to be allowed vary between each VPN connection type. Verify with your VPN provider the type of VPN connection you are using.

To allow common PPTP VPN traffic:

Allow PPTP tunnel maintenance traffic, open outbound TCP port 1723
Allow PPTP tunneled data to pass through router, open outbound protocol 47 (GRE)

To allow common IPSec VPN traffic:

Allow Internet Key Exchange (IKE), open UDP port 500 inbound and outbound
Allow IPSec Network Address Translation (NAT-T), open UDP port 4500 inbound and outbound
Allow Encapsulation Security Payload protocol (ESP), open protocol 50 inbound and outbound
Allow Authentication Header protocol (AH), open protocol 51 inbound and outbound

If IPSec IKEv2 VPN connection is not working after creating the above firewall rules, enable Allow unknown outbound connections from the profile and see if it helps. By default Windows firewall has unknown outbound connections allowed, while the F-Secure firewall profile will block them.

To allow common L2TP VPN traffic:

Allow L2TP traffic, open UDP port 1701 inbound and outbound
Allow protocol 115 inbound and outbound

Once the firewall rules have been created, the profile needs to be assigned to the target devices.

Assigning a profile:

Go to the Devices page
Choose the device(s) to which you want to assign a profile to
Click on Assign > Assign profile
Select the profile with the VPN firewall rules and click Assign

Article no: 000002583