FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
abarad
Staff
Staff
Description

This article describes how to resolve anydesk issue on the user system which gives the error messages as:

 

'Session Closed: Session has ended Status: anynet_unknown' and 'Session Closed: Session has ended Status: ssl_14090086'.

 

When default web filter is used in IPV4 traffic policy and option Rate URLs by domain and

 

IP Address is disabled.

Scope

FortiOS

Solution

Anydesk application comes under the 'Remote access' category under Webfilter.

 

Anydesk application will try to fetch data from anydesk cloud while it is running. Sometimes IP address that anydesk application tries to access.

 

Anydesk cloud is not categorized on FortiGuard and

comes under 'Unrated Category' which is blocked by default in the default web filter profile.

 

This causes anydesk to stop working as the destination IP address falls under the 'Unrated' category for default action is set to 'Block' and resulting in giving error message on user anydesk application.

 

Error message: 'Session Closed: Session has ended

Status: anynet_unknown' and 'Session Closed: Session has ended Status: ssl_14090086'.

 

Error message snapshots:

 

abarad_0-1637777655062.png

abarad_1-1637777669733.png

 

This issue can be resolved in two ways as below:

 

1) Chang default action set for the unrated category for default web filter to 'Allow' from 'Block' so that when anydesk application tries to fetch data from anydesk cloud and is not categorised under any category and will be allowed by 'Unrated' category.

 

Note.

- This will allow all IP’s coming under the Unrated category which is not Falling under any category on the default web filter profile.

 

- To check details of web filter category for website; Go to https://www.fortiguard.com/.

 

Select Services -> Web Filtering, enter the website name, select FortiGATE OS version and select 'Enter' to view category:

 

abarad_0-1637778158577.png

 

Steps to change Unrated category action to 'Allow' in default web filter from GUI :

 

- Go to Security Profiles -> Web filters, select default profile, choose 'Unrated category' and select to change action to 'Allow' :

 

abarad_1-1637778207523.png

 

2) Enable the 'Rate URLs by domain and IP Address' option under Rating Options for default web filter to allow Fortiguard to rate URL category based on URL domain and IP address.

 

Steps to enable 'Rate URLs by domain and IP Address' option under default web filter from GUI:

 

Go to Security Profiles -> Web filters -> Rating Options, select default profile, enable 'Rate URLs by domain and IP Address'.

 

Snapshot :

 

abarad_2-1637778244837.png

 

Test Logs :

 

Here destination IP: 51.89.42.214 is getting blocked under 'Unrated Category' for 'Default web filter'.

After doing IP lookup for this IP: 51.89.42.214, the user can see that IP belongs to anydesk domain (Link: https://whatismyipaddress.com/ip/51.89.42.214).

 

and is falling under the 'Unrated category' which is causing the issue.

 

After allowing 'Unrated Category' under default web filter: first solution or 'Enabling Rate URLs by domain and IP Address' option under default web filter issue can be resolved.

 

Snapshot :

 

abarad_3-1637778283771.png

 

Reference Document :

 

https://www.fortiguard.com/webfilter?q=anydesk.com&version=6

https://www.fortiguard.com/webfilter/categories

Contributors