Issue: No access to DRAC5 interface website. (Dell PE2950) at home in test environment.
Workstation: Windows 10 x64 Pro English
Avast version: Free 17.2.2288
Virus def. : 170311-0
Browser: IE 11
Unable to access the website from DRAC5 when the option “Enable HTTPS scanning” is enabled in WebShield.
Because there is no update available for the DRAC5, I want Avast to exclude the url from the DRAC5 in Webshield.
When I add the website to the exclusion list (http://ipaddres) I can’t still not access the webinterface.
I have to disable the option “Enable HTTPS scanning” to get access to the webinterface.
Does someone know how I can exclude the DRAC5 webinterface from scanning by Webshield, so I can you the option “Enable HTTPS scanning” ?
I don’t believe you have given the address you are actually trying to exclude, but an example of what you have entered (as it doesn’t appear to be valid).
What is the full URL you are trying to exclude, what you have actually typed in the exclusion field ?
I don’t know if https would be correct on a local IP address.
Next, given that this is a local IP and you are using a browser to access it. I don’t know if the Web Shield would be scanning local IPs.
That said You could put this in the Web Shield Exclusions AvastUI > Settings > Components > Web Shield > Customise > Exclusions. You could also consider excluding the DRAC executable in the ‘Processes to exclude’ option.
I’m at a loss as to what else to suggest, the only thing that comes to mind is changing the https to http in the exclusion. As I said I just wonder about https in local communication.
In earlier versions of avast there used to be a setting to ignore local communication, but I can’t find that option at the moment.
OK did some digging and it is still there.
AvastUI > Settings > Troubleshooting > scroll down (I hadn’t gone down far enough) to Redirect Settings. Check the ignore local communication and see if that works. Or try adding the local IP address to the Ignored addresses: field.
I have tried to add the IP address to AvastUI > Settings > Troubleshooting >Redirect Settings with no luck
Also tried only the IP address, tried https://ipaddress and tried http://ipaddress with no success.
The setting “Ignore local communication” was already enabled by default.
Tried this setting disabled but also no success.
It looks to me, that exclusions doesn’t apply to the option “Enable HTTPS scanning”.
I don’t know if this is by design or a bug.
Unfortunately as an avast user, I don’t know if https isn’t accepted or work in exclusions.
Some time ago when https traffic wasn’t scanned it wasn’t possible to enter an https url in exceptions, well that isn’t entirely correct (it tagged it with http). But it didn’t work.
Did you try excluding the process I suggested before:
That said You could put this in the Web Shield Exclusions AvastUI > Settings > Components > Web Shield > Customise > Exclusions. You could also consider excluding the DRAC executable in the 'Processes to exclude' option.
Something else to try if this isn’t already enabled - Web Shield settings - enable the ‘Scan traffic from well-known browser processes only.’
I am not sure what to enter in the “Processes to exclude” option.
By entering the website I get a certificate warning. This is correct because the cert. past due.
But when the option “Enable HTTPS scanning” is enabled, web browser doesn’t put up the screen with the cert. warning at all.
The website doesn’t open at all.
IE 11 show only " Waiting for 192.168.24.10" and the circle goes round and round…
Do you have any ideas where I can find the values I have to enter in “Processes to exclude”.
Also tried “enable the Scan traffic from well-known browser processes only.” but that doesn’t give any better response.
What is the executable that runs this DRAC (you will have to excuse my ignorance, I have no idea how this works), it is connecting to the internet acting like a browser and the web shield would be trying to monitor that traffic. It is that executable that you have to enter.
Use the browse button (image) to navigate to the executable.
Hi, seems like you are doing everything correctly. The complete string to exclude an HTTPs URL from scanning is inside WebShield’s settings dialog, URLs to exclude and enter the following string into one line:
What we would really like to find out is the reason, why you are having the issue with WebShield and DRAC5. We would really appreciate if you’ll be able to gather some debugging logs for us. I’ll post you in PM on Monday with detailed instructions, as soon as I’ll get in touch with the team.
The most probable reason is the fact that the cert is expired (am I right? Is the certificate correct but just expired?) However, the URL exclusion should also help you.
You are correct about the certificate.
The certificate is expired and when the option " Enable HTTPS scanning" is disabled, I get in IE11 the warning about an untrusted certificate.
That is normal reaction and an expected reaction.
When I try to add “https://192.168.254.10” the * is automatically added by Avast.
So I have added “https://192.168.254.10*” and " https://192.168.254.10/*“to the exclusion list of " Webshield” and at “General”.
Disabled shields and (re)enabled shield for a services restart.
No success so far.