Start a conversation

Avast Business Managed Firewall Guide

This guide is for configuring the Avast Firewall for the Avast Business Antivirus (Pro/Plus) Managed client in conjunction the Cloud Management (web) Console at https://business.avast.com/ or in the Business Management (on-premise) Console.


By default, the Avast Management Console will overwrite settings in the local Avast Business Antivirus Managed client, so all settings should be changed in either the Cloud Management (web) Console at https://business.avast.com/ or in the Business Management (on-premise) Console and not in the local Avast Business Antivirus Managed client. Also see my Avast Business Managed Recommended Settings knowledge base article. Please allow adequate time for the Avast Management Console to synchronize changed settings with the Avast Business Antivirus Managed clients. To force immediate synchronization, please restart the local client.

To add files, URLs (website links), and script exclusions in the Avast Management Console, please also see my Avast Business Antivirus Managed Exclusions Guide for more information.

Table Of Contents

  1. Common Software Programs
  2. Avast Firewall Settings
  3. System Rules
  4. Application Rules
    1. System Variables
  5. Ports
    1. Custom Ports
  6. Troubleshooting
    1. Advanced Troubleshooting
  7. Control All Rules Locally
  8. Disable/Uninstall Avast Firewall
  9. Articles And User Manuals
    1. Knowledge Base Articles
    2. User Manual

First, collect information regarding the software program, such as any application executables (EXEs) and ports that the software program uses. You may need to visit the manufacturer’s website or contact them directly to obtain this information.

Common Software Programs

Below are links to application executables (EXEs) and ports for common software programs that may need to be allowed through the Avast Firewallin conjunction with this guide.

Table Of Contents

Avast Firewall Settings

After you have collected this information, log into your Cloud Management (web) Console at https://business.avast.com/ or the Business Management (on-premise) Console.

  1. Click on Device Settings
  2. Click on settings template (such as Default)
  3. Click on Customize next to Firewall
  4. Click on the Rules tab

Avast Firewall Settings

Table Of Contents

System Rules

These are basic rules for common network applications and functions. It is common in many network environments to Enable the Allow Windows File and Printer Sharing and/or Allow remote desktop connections to this computer. Always click on the Apply changes button in the top-right corner before continuing.

System Rules

Table Of Contents

Application Rules

  1. Add executables under the Application rules tab
  2. Click the Add application rule button
  3. Fill out the full application name (such as Software Program Name) and path (such as C:\Program Files\Folder\File.exe)
  4. Click the Apply changes button in the top-right corner when you are done adding rules

Application rules

You may also use system variables...

%CommonProgramFiles(x86)%

Use this if you need to specify an executable file located in a folder where shared program files for 32bit applications are stored, e.g.
%CommonProgramFiles(x86)%\app.exeC:\Program Files (x86)\Common Files\app.exe

%ProgramFiles(x86)%

Use this if you need to specify an executable file located in a folder where program files for 32bit applications are stored, e.g.
%ProgramFiles(x86)%\app.exeC:\Program Files (x86)\app.exe

%CommonProgramFiles%

Use this if you need to specify an executable file located in a folder where shared program files are stored, e.g.
%CommonProgramFiles%\app.exeC:\Program Files\Common Files\app.exe

Table Of Contents

Ports

If you continue to experience issues with network applications and functions blocked by the Avast Firewall (such as file and print sharing and/or remote desktop), click the Advanced packet rules tab, and please enable (check the boxes for)…

  • Windows Network In
  • Windows Networking Out
  • Remote Desktop In

Click the Apply changes button in the top-right corner.

Ports

Custom Ports

To add custom Avast Firewall port rules…

  1. Click the Advanced packet rules tab
  2. Scroll down to the bottom on the page and click the Add new rule button
  3. Replace Default packet rule with name unique name for the rule
  4. Change All protocols (256) to the correct protocol, such as TCP and UDP (257)
  5. Add IP address (if applicable), Local and Remote Port numbers (you may use commas for different port numbers, or a hyphen for a port range)
  6. Click the Update button
    • We recommend to drag/drop the new custom packet rule to the top of the list so the local Avast Business Antivirus clients will process this custom packet rule first
  7. Click the Apply changes button in the top-right corner when you are done adding rules

Custom Ports

Table Of Contents

Troubleshooting

First, try changing the Undefined networks to Private (Trusted)...

  1. Click on Device Settings
  2. Click on settings template (such as Default)
  3. Click on Customize next to Firewall
  4. Click on the Networks tab
  5. In the Undefined networks section, change from Users can choose profile to Private (Trusted) next to Default profile for undefined network
  6. Enable (check) the Overwrite the profile of every network which was already set by the user with Private (Trusted) box
  7. Click the Apply changes button in the top-right corner

Private (Trusted)

NOTE: This is only recommended for Windows Workstations that are always connected to a private (trusted) network! For roaming laptops that may use open public networks, please add/duplicate a new settings template for these laptops and change this setting to either Users can choose profileor Public (Not trusted).

Advanced Troubleshooting

If the Troubleshooting steps above did not resolve the issue...

  1. Open the local Avast Business Antivirus client
  2. Click on Settings in the bottom-left corner
  3. Click on Components tab
  4. Click on Customize to the right of Firewall
  5. Click on Advanced tab
  6. Under Firewall Logs, enable (check) the Log all blocked packets box
  7. Click the OK button twice
  8. Minimize the local Avast Business Antivirus client window
  9. Duplicate/replicate the issue on a test device (at least a few times)
  10. Restore the local Avast Business Antivirus client window
  11. Click on Protection in the left panel
  12. Click on Firewall in the pop-out menu
  13. Click on Firewall logs to the right of Network connections
  14. Maximize the Firewall logs window
  15. Show log for: Blocked traffic
  16. Apply any other additional filters (optional)
  17. Expand any columns necessary
  18. Sort by date/time (latest/newest on top)
  19. Notate local/remote IP addresses, local/remote ports, protocols, direction, and application path
  20. Add information noted using the guide above

Advanced Troubleshooting

If you continue to experience issues related to the Avast Firewall, please take a screenshot of your Firewall log window (as shown above) and contact Avast Business Technical Support at https://www.avast.com/business-support-contact-form.php

Please have the following information ready:

Once you have gathered all of the information and/or screenshots needed, please disable the Log all blocked packets setting...

  1. Open the local Avast Business Antivirus client
  2. Click on Settings in the bottom-left corner
  3. Click on Components tab
  4. Click on Customize to the right of Firewall
  5. Click on Advanced tab
  6. Under Firewall Logs, disable (uncheck) the Log all blocked packets box
  7. Click the OK button twice
  8. Close the local Avast Business Antivirus client window

Table Of Contents

Control All Rules Locally

By default, the Avast Management Console will overwrite settings in the local Avast Business Antivirus client, so all settings should be changed in either the Cloud Management (web) Console at https://business.avast.com/ or in the Business Management (on-premise) Console and not in the local Avast Business Antivirus client. If you prefer to manage the Avast Firewall settings locally on each Avast Business Antivirus client, disable (uncheck) the Control all rules via the web console box and click the Apply changes button in the top-right corner. The Avast Business Antivirusclients will ignore all Avast Firewall rules set in the Avast Management Console in this settings template, and only use the Avast Firewall rules set locally in the Avast Business Antivirus client (not recommended for medium to large networks).

Control Local

You may wish to add/duplicate a new settings template called "Control Firewall Locally", make these changes in that settings template, change a few devices for testing to this settings template, and restart these devices to test immediately.

Table Of Contents

Disable/Uninstall Avast Firewall

You may want to disable the Avast Firewall for testing new software programs, or if you are having issues configuring the Avast Firewall, and need to turn it off temporarily. Click on the slider to the Off position and click the Apply changes button in the top-right corner. You may wish to add/duplicate a new settings template called "Firewall Disabled", make these changes in that settings template, change a few devices for testing to this settings template, and restart these devices to test immediately.

If you do not use the Avast Firewall, click the 3 (three) dots next to the On/Off slider, click on Uninstall this component from the drop-down menu, and click the Apply changes button in the top-right corner. This will remove the Avast Firewall component from all of the Avast Business Antivirusclients, but may require a restart to complete the uninstall! You may wish to add/duplicate a new settings template called "Uninstall Firewall", make these changes in that settings template, change a few devices for testing to this settings template, and restart these devices to test immediately.

Disable/Uninstall Avast


Source:  https://kb.support.business.avast.com/GetPublicArticle?title=Avast-Firewall-Settings-and-Troubleshooting-Guide


Choose files or drag and drop files
Was this article helpful?
Yes
No
  1. Support

  2. Posted

Comments