Summary
PPTP VPN connection is blocked when WFBS is installed in Windows Server 2003.
Details
To resolve the issue:
- Go to ..\Program Files\Trend Micro\Security Server\PCCSRV.
- Edit the ofcscan.ini file using a text editor.
- Look for INI_URL_FILTER_SEG_WHITELIST_SETTING_SECTION and add the following keys and assign an appropriate value for each.
[INI_URL_FILTER_SEG_WHITELIST_SETTING_SECTION]
SEG_WhiteListPortNum=xWhere x is the number of VPN approved ports, maximum is "100"SEG_WhiteListPort0=n1
SEG_WhiteListPort1=n2
...
SEG_WhiteListPort99=n100Where "n1", "n2", and "n100" are user-approved ports number. - Save the changes that you made in the ofscan.ini file.
- Open the Security Server web console and go to Preferences > Global Settings.
- Click Save to deploy the setting to the clients.
After the settings are deployed to the WFBS Agents, the following registry keys will be installed:In Microsoft Windows XP, Vista, and Windows 7:
[HKLM\SOFTWARE\TrendMicro\NSC\TmProxy\WhiteList]In Windows 8:
[HKLM\SOFTWARE\TrendMicro\Osprey\WhiteList]- SEG_WhiteListPortNum=x (DWORD), specifies the number of approved ports
- SEG_WhiteListPort0=n1 (String), specifies a user-approved port number (DEC)
- SEG_WhiteListPort1=n2 (String), specifies a user-approved port number (DEC)
... >
- SEG_WhiteListPort99=n100 (String), specifies a user-approved port number (DEC)The following installed subkeys are based on the number of processes you specified in the "SEG_WhiteListProcNum" key:- Path: [HKLM\SOFTWARE\TrendMicro\NSC\TmProxy\ WhiteList\portn1]
Name: Port
Type: REG_DWORD
Data: n1 (HEX) - Path: [HKLM\SOFTWARE\TrendMicro\NSC\TmProxy\ WhiteList\portn100]
Name: Port
Type: REG_DWORD
Data: n100(HEX)
- Path: [HKLM\SOFTWARE\TrendMicro\NSC\TmProxy\ WhiteList\portn1]
- Restart the WFBS NT proxy service on the Agent computers to enable the deployed ports setting in Windows XP, Vista, and Windows 7. You should now be able to use VPN without problems.