Problem with SecureCRT 6.0

[wwmiller3]

Hi,

I just got notice of the final release of SecureCRT 6.0, so I installed it along with SecureFX 6.0. I previously had been using versions 4/5.5. While SecureFX 6.0 works fine after installation, the same cannot be said for SecureCRT 6.0. In my case, it appears my firewall (AVG 7.5) is blocking SecureCRT from getting out of my system based on the fact if I disable the firewall, all is well. Unfortunately, there are no events in the firewall log that indicate what/why is getting blocked.

Any ideas on what might be happening?

Thanks.
Warren

[wwmiller3]

As a test, I reinstalled SecureCRT 5.5.2 and sure enough my firewall detects it attempting to connect and offers to build a rule to allow the connection to pass. Something in 6.0 is not triggering the same response from AVG-- it just gets blocked.

[kbarnette]

Hi Warren,

I am currently looking into this issue.

I will probably need to create an entry in our development database for a closer inspection, but in any case I will keep you posted.

[wwmiller3]

Thanks. Appreciate it. Let me know if you require additional information.

Warren

[kbarnette]

Hi Warren,

I have created an entry in our development database so that this issue can be investigated in further detail.

We will look to see if there is some type of provision we can make that will allow the firewall to detect SecureCRT's out request.

In the event that a resolution is made available, we will post here.

If you would like to be contacted personally, feel free to contact us and reference this forum thread (2696).

[wwmiller3]

Thanks. I'll keep an eye out for it in this thread.

[wjbuuid]

Warren,

I have the same configuration and issues as you are experiencing. The AVG client reports log entries for 'Filter Device' (Go to Firewall>Configure, look at Log). I tried to manually add SecureCRT to the allow list and it did not work. This isn't a huge surprise given the symptoms of the issue. As a final workaround I created a custom filter in AVG.

1. Go to AVG console
2. Click on Firewall and choose configure
3. Go to the System tab
4. Click on Add Rule
5. Service name: Telnet SSH Workaround for SecureCRT
6. Click on Create Rule
7. Define a new Service:
7a. Telnet:
-> direction: out
-> source ports: *
-> dest ports: 23
7b. SSH:
-> direction: out
-> source ports: *
-> dest ports: 22
8. Add the new services to 'Applied Services'
9. Add new networks (RFC 1918 address ranges)
a. 10.0.0.0 / 255.0.0.0
b. 172.16.0 / 255.240.0.0
c. 192.168.0.0 / 255.255.0.0
10. Deselect all other networks and leave the three new networks checked
11. Set Action to 'Allow'
12. Click on 'OK'
13. Click on 'OK' to save the System Service
14. Click on 'Apply' to activate the new service profile rules

This worked well for me. I chose to be conservative and allow the RFC 1918 addresses only.

Regards,
Bill

[tnygren]

Hi Warren,

Our developers have resolution for this issue in a pre-release version of SecureCRT.

Could you use the link and information in Kevin's forum post and send us an email so we can provide you with this build?

[wwmiller3]

Will do. And, thanks Bill for the detailed work around for AVG!