Hi,

We have recently purchased and installed Endpoint Protection.

Most of our staff work offsite so we need to enable connection via the internet. Avast have informed me this is done by altering the ini file to include the IP of our server in the office. All well and good, but none of our users can alter this - they simply get a message saying ‘Access is denied’.

Been trying to get this resolved with Avast for 2 months now to no avail. They insist that our staff don’t have the permission levels required on their laptops - despite the fact that they have remoted into my laptop and seen that mine is the only user account on it, with full admin rights, and that I have enabled full permission in the Avast settings as per their instructions. Have also disabled the self-protection in Avast when trying to do this, again it still doesn’t work. Avast have now essentially stopped supporting this problem by pretending it’s not a flaw in the software.

Has anyone else had this issue or does anyone know how to resolve it? This has been nothing but frustration, and I wish we had gone with another supplier. Thanks for any help.

Win Vista or 7?
try this:

• start notepad with RUNAS AS ADMINISTRATOR and open the ini file to edit the ini file. Open it within notepad

what is the exact path of the ini file you try to alter?

Do you have the enterprise console installed?
if so then make a container for the outside laptops and give in the outside ip address and have the laptops update the policy

is there any reason why the laptops dont VPN into corp net? (or is it not needed to have corp net access)

Hi - we have the problem on Win7 machines as well as Win8.

I have the Avast Small Office Administrator installed on the server. It runs and works - all the computers in our office are showing in there, it’s only the offsite staff that can’t pick up.

Path of the file is:

C:\ProgramData\AVAST Software\Avast\avast5.ini

I tried what you suggested and still got the same message unfortunately.

You should do it in the program settings. See the instructions below:

1. Open avast! User Interface from the system tray.
2. Click on the ‘Settings’ button at the top-right corner.
3. Click on ‘Troubleshooting’.
4. Expand the ‘avast! Administration Console’ fieldset.
5. Change the value of the ‘Server name/IP’ field with your external domain/IP address.

I’ve had that setting changed since the beginning. It doesn’t make a difference for those connecting via the internet (at least, that’s what Avast have told me). A number of their customer service reps have advised me I need to change the ini file. The problem is the fact that this is impossible to do and they won’t support us in getting it done.

So you have this setting changed since the beginning and the clients still could not connect?
Could you attach one of the avastNet.log located in C:\ProgramData\AVAST Software\Avast\log

Hi,

That’s right, entering the IP in that field hasn’t made a difference.

I’ve just tried to change the ini now and attached the log you requested.

can you also post the setup.log from the same directory?

Hi - setup log is attached but it is empty, thanks.

Are you sure that the PC isn’t listed in the management console?
The avastNet log says that it is:

09/18/2013, 12:14:53 NotifyGlobalProperties arrived!

Search the avast! Small Office Administration Console computer groups for the machine hostname.

Sorry I should have explained better.

The computer I am trying to do this on is in our office - and yes it is in the management console. However, I want to change the ini so that when it is off site it still appears. This computer, along with the rest of our computers (offsite or onsite) are unable to do this.

Sorry understood that, what I didn’t is whether changing the address from the GUI, changes the address in the INI file.
It should as the value of the GUI is stored in the INI file.

Please do the following and report:

1. Open avast! UI > Settings > Troubleshooting.
2. Change the address and save the changes.
3. Open Settings > Troubleshooting and let us know if the address has changed to the one from step 2.
4. Open the avast5.ini and find the ‘SBCServerName’ setting under the ‘Communication’ section.
5. Let us know if the address has changed to the one from step 2.

OK thanks.

I followed the steps you suggested here, and no change. After altering the address in the the UI, I checked it and it had changed to the one in step 2. But when I checked the ini, this field was still blank.

So you know, Avast have told me to enter the IP in both the ServerAddress field in ‘Communication’ as well as the same field in ‘Adnm Settings’. Neither of these changed after making the change in the UI.

with the setting via the GUI being correct, try to update outside the office. Unimportant for a moment what the INI file tells you.
Did you test this already with the new setting, or do you not test it because the ini file is not changed?

Keep in mind that managing clients that are outside corporate network without VPN connection you need the following:

1. the given address for the clients to update/report to should be a public available fully qualified DNS name (something like avast.yourcorpname.com)
2. your edge firewall needs to be opened on several ports forwarding them to the avast update server to manage outside clients

Thanks wpn - I only saw your reply now, with this dragging on for so many months I often forget about this for awhile. I haven’t had my laptop offsite so when I do I will try to connect.

We have an IP address for the clients to report to, as I was told by Avast that this was acceptable. Also have the 3 required ports open on our router which redirect to the private IP of our Avast server.

Everything should theoretically be working if the right ports are open and in the console the right IP is given to the clients to report to