Resolution: You need add DVMax in the firewall on the server. Open Windows firewall. Go to Allow an app or feature through Windows Defender Firewall.
Add the DVMax.
If you don’t see DVMax, click on Allow another app.
Case 2: Clients don’t load the appointments. Or open with different IP address, for example the DVMax server IP is 192.168.0.9, but it opens with 169.248.0.1.
Troubleshooting: The server is a multi-homed computer with two or more NICs. One of them doesn’t have correct IP address. Disable it.
Situation: You may receive this message “Something happened and your PIN isn’t available” when attempting to using PIN to login Windows 10. Or you see windows Hello PIN option is unavailable under Account sign-in options
Troubleshoot: Delete files in NGC folder.
Navigate to C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\NGC.
Note: you need to login administrator account to do so.
Situation: 1. Malwarebytes Cloud Manager reports a computer hasn’t run Malwarebytes for a month.
2. Running Malwarebytes manually doesn’t do anything and no error message.
Troubleshooting: 1. Make sure two Malwarebytes services (Malwarebytes Endpoint Agent and Malwarebytes Service) are running. To do that, type service in the search bar. Click on Service App to run.
With the Service open, make sure the computer is running Malwarebytes Endpoint Agent and Malwarebytes Service.
If the Malwarebytes Endpoint Agent and/or Malwarebytes Service are not running, highlight the service and click Start service icon.
Now, try to run Malwarebytes again. If the Malwarebytes doesn’t run, or the computer missing one of the Malwarebytes services, go to troubleshooting 2.
Troubleshooting 2: Remove and re-install the Malwarebytes.
In the search bar, type control. Then click on Control Panel App.
In All Control Panel Items, click on Programs and Features.
Highlight the Malwarebytes Endpoint Agent and click on Uninstall.
After uninstalling Malwarebytes, restart your computer. Then re-install Aetup.MBEndpointAgent.Full.exe file to re-install Malwarebytes.
Situation; The client just replace a defected hard drive on his dell computer. However, he can’t boot with “No bootable devices found”.
Troubleshooting: 1. Run Dell diagnostics tool to confirm the hard drive passing the test.
2. compare the hard drive, we found original hard drive which is defected is SSD hard drive which compatible with UEFI Mode boot. The replaced hard drive is ATA hard drive which is not compatible with UEFI Mode boot. in other words, ATA hard drive is compatible with BIOS Mode boot.
3. Access BIOS settings to change to Legacy boot fixes the problem.
Please refer to this step by step how to enable BIOS mode boot video:
basic file blocking—Attach this profile to the Security policy rules that allow traffic to and from less sensitive applications to block files that are commonly included in malware attack campaigns or that have no real use case for upload/download. This profile blocks upload and download of PE files ( .scr, .cpl, .dll, .ocx, .pif, .exe) , Java files (.class, .jar), Help files (.chm, .hlp) and other potentially malicious file types, including .vbe, .hta, .wsf, .torrent, .7z, .rar, .bat. Additionally, it prompts users to acknowledge when they attempt to download encrypted-rar or encrypted-zip files. This rule alerts on all other file types to give you complete visibility into all file types coming in and out of your network.
Palo Alto Firewall not only allows you to monitor activity on your network, but also is a useful troubleshooting tool. This video shows you how to monitor and troubleshoot related to Port Traffic Filter.
Example 1: To shows all traffic traveling from source port 3389, use this command: (port.src eq 3389)
From the results, we can see type, source IP address, Destination IP address, port, applications, action and Rule.
Example 2: To shows all traffic traveling to destination port 443, use this command: (port.dst eq 443).
Example 3: to shows all traffic traveling from source port 80 and traveling to destination port 443, use this command: (port.src eq 80) and (port.dst eq 443)
Example 4: To shows all traffic traveling from source ports 1-22, use this command: (port.src leq 22).
Note: the port starts at 0.
Example 5: To shows all traffic traveling from source ports 1024 – 65535, use this command: (port.src leq 22).
Example 6: To All Ports Greater Than Or Equal To Port 1024, use this command: (port.dst geq 1024).
Example 7: To shows all traffic traveling from source port range 20-53, use this command: (port.src leq 22).
Example 8: To hows all traffic traveling to destination ports 1024 – 13002, use this command: (port.dst geq 1024) and (port.dst leq 13002).
Palo Alto Firewall not only allows you to monitor activity on your network, but also is a useful troubleshooting tool. This article shows you how to monitor and troubleshoot related to Zone Traffic Filter.
Example 1: To shows all traffic coming from the GlobalProtect zone, use this command: ( zone.src eq GlobalProtect )
From the results, we can see source IP address, VPN username, Destination IP address, port, applications, action and Rule.
Example 2: To shows all traffic going out the AWS zone, use this command:
(zone.dst eq AWS).
The result shows from trust to AWS, source IP address, destination IP address, p[ort, application and rule.
Example 3: to shows all traffic traveling from the GlobalProtect zone and going out the DMZ zone use this command: ( zone.src eq GlobalProtect ) and ( zone.dst eq dmz )
Case 1: The client provides remote desktop access for their customers. Service dept reports some customers can’t access the remote server and would lie to know if their firewall blocks customers’ IP address.
Resolution: Run this command: ( zone.src eq untrust ) and ( action eq deny) and ( port.dst eq 3389 ). The result shows the firewall blocks only foreign countries IP addresses as shown next page.
Finally, they find the RDP server has a software called RDPGurad which blocks any failed login 3 times accounts. It is no thing to do with the firewall. The case closes.
Situation: When installing installing Windows 10 version 2004, the client’s receives top code: KMODE EXCEPTION NOT HANDLED BSOD.
Troubleshooting: The windows creates C:\Windows\Minidump and it seems to us the computer is not compatible with version 2004. Re-installing Windows 10 version 1909 fixes the problem.
