Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Can't connect following Windows Defender Update

Looking for assistance with a cryptostorm connection issue? Post here & we'll help out. Also: if you're not sure where to post, do so here & we'll move things around as needed. Also: for quickest support, email our oddly calm & easygoing support reps at support@cryptostorm.is :)

Topic Author
scarlet81
Posts: 4
Joined: Mon Jun 05, 2017 6:37 am

Can't connect following Windows Defender Update

Post by scarlet81 » Wed Jan 09, 2019 7:11 am

I use both Windows 10 and the Windows Defender that they provide as my primary firewall, and ever since the new definition update for the program, every time I attempt to connect through one of the nodes to Cryptostorm it's blocked by the firewall. This hasn't ever previously happened before, so I'm also not quite sure what to do. I understand that an exception can be made in the firewall (although I honestly don't know whether it'd work), but don't know exactly how to create that as I feel the exception probably wouldn't be for the widget? Does anybody else know how to do this or have had similar issues with their connection of late? Sorry if I seem relatively uninformed about this, I'm admittedly pretty new to it all.

User avatar

df
Site Admin
Posts: 404
Joined: Thu Jan 01, 1970 5:00 am

Re: Can't connect following Windows Defender Update

Post by df » Wed Jan 09, 2019 10:16 pm

I just updated my Windows 10 Home VM to the latest, and updated Windows Defender to the latest (threat definition version: 1.283.2606.0), and I'm not seeing anything about the CS widget being detected, nor is any new firewall rules blocking it....

But then again, Microsoft doesn't use a single database for threats. From what I can tell, there's different versions of that database for each different version of Windows, and probably different versions for each edition of Windows (Pro, Home, Server, etc.).
So even though nothing is being detected on my VM, something in the widget might be getting detected on another edition of Windows 10.

To add an exception to Windows Defender: Open the "Windows Defender Security Center" from the start menu, click on "Virus & threat protection", then "Virus & threat protection settings", scroll down a bit and you'll find "Exclusions". Click "Add or remove exclusions" then "Add an exclusion", and from that drop-down list choose "Folder". Type into the new window:

C:\Program Files (x86)\Cryptostorm Client

then click "Select Folder".
That should tell Windows Defender to exclude all the widget's files from being scanned or deleted due to false positives.

As for Windows Firewall, you can edit your firewall rules by opening "Windows Defender Firewall with Advanced Security" from the start menu. In that screen, check any blocking rules (they'll have a red circle with a line in the middle) for anything that might have to do with the widget. Be sure to check both Inbound and Outbound Rules. I'm not sure if adding an exclusion for the widget would work if there's already another rule blocking it, so you might need to find and remove that rule first.
You could try to simply enable the killswitch from the widget's Options -> Security section. That'll add rules to the Windows Firewall to allow all the CS related IPs through, and block all other IPs that aren't on your LAN.

Post Reply