Impact of Antivirus and Windows Defender

dovholuknf edited this page Nov 13, 2020 · 2 revisions

The Ziti Desktop Edge for Windows runs a local DNS server so that it can resolve DNS names that are not recognized outside of Ziti. This is powerful functionality and is how the Ziti Desktop Edge for Windows provides a seamless user experience. If this functionality fails, the result can be disruptive for those who are not well-versed in DNS and Windows networking in general. To rule out issues external to the Ziti Desktop Edge for Windows, please consider the following:

  • If any anti-virus (AV) software is running, disable it. Once the Ziti Desktop Edge is working properly, re-enable the AV software and see whether your network connectivity is impacted. If it is, disable the AV again and verify that the network works again. You will then need to figure out what the AV is doing to get in the way, and how, and update the AV to allow the Ziti Desktop Edge for Windows to function properly.

  • Check Windows Defender and ensure it is not blocking port 53 on your TUN IP. There is no easy way to do this at this time, but you can perform the following steps:

    • Open a command window as administrator (if possible).
    • Ensure the correct services are started by running: net start. At the end of the list you should see these two services listed: "Ziti Desktop Edge Service" and "Ziti Desktop Monitor Service".
      • If they are not listed, start them by typing net start ziti and net start ziti-monitor (if you could not run as administrator, these commands will likely result in an error response).
    • Find the DNS server by typing ipconfig /all and locating the "DNS Servers" entry. You should see a section similar to this:

         Default Gateway . . . . . . . . . : 192.168.1.1
         DHCP Server . . . . . . . . . . . : 192.168.1.1
         DNS Servers . . . . . . . . . . . : 100.64.0.1
                                             192.168.1.1
         NetBIOS over Tcpip. . . . . . . . : Enabled

    • Use the FIRST IP address listed (shown above as 100.64.0.1) and run nslookup to probe the DNS server: nslookup github.com 100.64.0.1. You should see a response that looks like this:

         Server:  UnKnown
         Address:  100.64.0.1

         Non-authoritative answer:
         Name:    github.com
         Address:  140.82.112.4

    • If you do not see this, or you get an error response, stop the Ziti data service by issuing: net stop ziti (again, this command will fail if you are not an administrator).
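
The checks above as a single PowerShell script, to be run from an elevated prompt. This is an added example, not part of the Ziti Desktop Edge project; it assumes the service names ziti and ziti-monitor taken from the net start commands above, and that "blocking port 53" refers to Windows Defender Firewall rules.

```powershell
# Added example (not project code). Run from an elevated PowerShell prompt.
# Assumptions: service names 'ziti' and 'ziti-monitor'; probe name github.com as used on this page.
$probeName = 'github.com'

# 1. Are both Ziti services installed and running?
foreach ($name in 'ziti', 'ziti-monitor') {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if (-not $svc) { Write-Warning "Service '$name' is not installed"; continue }
    "{0,-14} {1}" -f $svc.Name, $svc.Status
}

# 2. First IPv4 DNS server of each interface (the FIRST address under "DNS Servers" in ipconfig /all).
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object { $_.ServerAddresses[0] } |
    Select-Object -Unique

# 3. Probe each of those servers directly, like: nslookup github.com <server>
foreach ($server in $dnsServers) {
    try {
        $answer = Resolve-DnsName -Name $probeName -Server $server -Type A -DnsOnly -ErrorAction Stop
        $ips = ($answer | Where-Object Type -eq 'A').IPAddress -join ', '
        "{0}: {1} -> {2}" -f $server, $probeName, $ips
    } catch {
        Write-Warning "$server gave no answer for ${probeName}: $($_.Exception.Message)"
        Write-Warning "Per the last step above, stop the data service with: net stop ziti"
    }
}

# 4. Enabled firewall rules that block traffic and name port 53 explicitly.
#    Rules that use port ranges or 'Any' are not matched here, so an empty
#    result does not prove that nothing is blocking DNS.
Get-NetFirewallRule -Enabled True -Action Block | ForEach-Object {
    $filter = $_ | Get-NetFirewallPortFilter
    if ($filter.LocalPort -contains '53' -or $filter.RemotePort -contains '53') {
        [pscustomobject]@{
            Rule       = $_.DisplayName
            Direction  = $_.Direction
            Protocol   = $filter.Protocol
            LocalPort  = $filter.LocalPort -join ','
            RemotePort = $filter.RemotePort -join ','
        }
    }
}
```

Any rule listed by step 4 is a candidate for review; compare its direction and protocol against DNS traffic to the TUN IP before changing it.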

If you continue to have problems, please ask a question over in Discourse to get more help.