Anydesk issue.


Hi everyone!
I have some issues with the AnyDesk application. It has an SSL issue because of decryption, I think.

I've added *.anydesk.com in 'SSL decryption exclusion', but it didn't work.

Maybe some of you have faced such kind of issue?

Thanks in advance!

anydesk.jpg

43 REPLIES

Hi @cverniani ,

All the pictures in my reply are screen snips from my PA config.

Can you be more specific about which screenshot you are referring to?

 

Cheers,
Cosmin

Don't forget to Like items if a post is helpful to you!
Please help out other users and “Accept as Solution” if a post helps solve your problem!

Read more about how and why to accept solutions.

Disclaimer: All messages are my personal ones and do not represent my company's view in any way.

It seems to work fine. Tested it in my environment on PAN-OS 10.2.4 and it works.

 

Thanks!

L1 Bithead

This has stopped working once the AnyNet root CA cert expired on the 7th of April; we urgently need the updated root CA cert.

Please, someone post it.

L2 Linker

I'm in the same boat - the CA certificate posted here expired and AnyDesk does not work anymore.

I've extracted the AnyNet Relay certificate with Wireshark and I was able to find some with SSL Labs (after a few attempts it finally connected).

Unfortunately it's only the AnyNet Relay certificate (not a CA), issued by AnyNet Root CA 2.

As it's not a CA, it cannot be configured as "Trust Root CA" in Palo.

 

Any ideas how to find AnyNet Root CA 2?
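
The check behind the two posts above (an expired root stops working, and a relay leaf certificate cannot be used as a trusted root), as an added example that is not part of the original thread. It uses the `openssl` CLI; the certificate names and file paths are constructed test values.

```shell
#!/bin/sh
# Added example: classify a PEM certificate before importing it as a trusted root.
classify_cert() {
    pem=$1
    # Must parse as an X.509 certificate at all.
    openssl x509 -in "$pem" -noout >/dev/null 2>&1 || { echo unreadable; return 0; }
    # -checkend 0 exits non-zero once notAfter has passed.
    openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1 || { echo expired; return 0; }
    # A leaf (such as a relay certificate) lacks basicConstraints CA:TRUE.
    openssl x509 -in "$pem" -noout -text | grep -q 'CA:TRUE' || { echo not-a-ca; return 0; }
    # A root is self-issued: subject and issuer are identical.
    subject=$(openssl x509 -in "$pem" -noout -subject | sed 's/^[a-z]*= *//')
    issuer=$(openssl x509 -in "$pem" -noout -issuer | sed 's/^[a-z]*= *//')
    if [ "$subject" = "$issuer" ]; then echo root-ca; else echo intermediate-ca; fi
}

# Constructed sample input: throwaway certificates with made-up names.
# The test "relay" is self-signed for brevity; only its CA:FALSE flag matters here.
make_constructed_certs() {
    dir=$1
    cat > "$dir/openssl.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
[v3_leaf]
basicConstraints = CA:FALSE
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$dir/openssl.cnf" \
        -extensions v3_ca -subj "/CN=Constructed Test Root" \
        -keyout "$dir/root.key" -out "$dir/root.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$dir/openssl.cnf" \
        -extensions v3_leaf -subj "/CN=Constructed Test Relay" \
        -keyout "$dir/relay.key" -out "$dir/relay.pem" 2>/dev/null
}

tmp=$(mktemp -d)
make_constructed_certs "$tmp"
for f in root.pem relay.pem; do
    printf '%s: %s\n' "$f" "$(classify_cert "$tmp/$f")"
done
```

Only a file that reports `root-ca` is a candidate for a trusted-root entry; `not-a-ca` is the case described for the extracted relay certificate.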

 

 

Ye bro, we're all having the same issue. AnyDesk support, Palo Alto support, no one is able to track down the info to get the actual AnyNet Root CA 2 cert we need to upload to Palo Alto for the root CA option to be enabled. Just a waiting game now.

L4 Transporter

Hello,

 

Since I wasn't able to capture the actual AnyNet Root CA 2, I just modified my decryption profile as follows:

Untitled.png

 

All the rest remains as described in my comments (see the second page).

 

Cheers,
Cosmin


L2 Linker

Hi,

I followed your instructions:

 

CHARRIER_0-1712823640002.png

 

This method works periodically: sometimes when we launch AnyDesk we can connect, but sometimes not.

We have to force the reconnection:

CHARRIER_1-1712824099345.png

After that, the AnyDesk client tests some relays and finally makes the connection, but this can take some time while it finds the good relay.

 

In the traffic log I can see some denies with decrypt-error.

In the decryption log the root status is "untrusted" and I have this error: 'Received fatal alert UnknownCA from client'

Does this solution work every time for you?

 

Hi,

 

Mine is working all the time, but I forgot to also update the Custom URL in the post. I did it just now.

You also need to have in the Custom URL:

*.net.anydesk.com/

 

Cheers,
Cosmin


This certificate is revoked; can we still use it?

L4 Transporter

Hello @ateshasan ,

What certificate was revoked?

Cheers,
Cosmin


In fact, you know that AnyDesk was recently hacked and after this hack, philandro Software GmbH changed its certificates to AnyDesk Software GmbH.

https://support.anydesk.com/knowledge/how-do-i-make-sure-i-use-anydesk-with-the-new-certificate

 

 

I solved the problem with a dynamic IP address group.

In the decryption logs, I do not decrypt to those with Subject Common Name AnyNet Relay.

 

ateshasan_0-1715064124683.png

 

ateshasan_1-1715064146908.png

 

ateshasan_2-1715064159728.png

 

 

L2 Linker

I had the same issue, you can create a no decrypt policy for it and it should work.

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/decryption/decryption-concepts/no-decrypti...

Zain

How was the AnyNet Root CA 2 cert obtained, Cosmin? I tried dcaporetto's method, but the Root CA 2 cert is no longer present on one of the relays, so it could not be downloaded.

L4 Transporter

Hello @LCMember40912 ,

 

I have the actual AnyNet Root CA 2 from another post by @S-Battermann (https://live.paloaltonetworks.com/t5/general-topics/solution-for-quot-ssl-decryption-bypass-for-anyd... ).

 

You can download the archive directly from my post.

Cheers,
Cosmin
