,
This article describes how to resolve Anydesk issue “Disconnected from Anydesk network”, on computers running Anydesk behind FortiGate Firewalls.
Problem in details: When running AnyDesk on a computer behind FortiGate 60E, the connection fails with a message “Disconnected from Anydesk network”, and in the Web Filter logs on the FortiGuard you get that the connection to “https://Any Net Relay” is Blocked with Category Description: Unrated.
The mentioned issue is happens, because “Anydesk” is not categorized on FortiGuard and comes under the “Unrated” category which is blocked by default in the default Web Filter profile. To resolve the problem, use one of the methods below to allow the AnyDesk traffic in FortiGate.
How to FIX: Anydesk is Blocked by Default Web Filter on Fortigate/Fortiguard.
Method 1. Activate the “Rate URLs by domain and IP Address” in FortiGuard.
The easiest and more secure method to allow AnyDesk traffic in Fortigate, is to enable the “Rate URLs by domain and IP Address” option to allow Fortiguard to rate URL category based on URL domain and IP address.
1. In Fortigate, expand the Security Profiles menu and click Web Filter. Then click on the default web filter profile and click Edit.
2. Here, enable the option Rate URLs by domain and IP Address and click OK.
3. Allow 4-5 minutes for the change to take effect, then try connecting in to Anydesk again.
Method 2. Allow AnyDesk Connections with a IPv4 Policy.
Another safe method to fix the reported Anydesk connection issue on Fortigate/Fortiguard is to create a dedicated IPv4 Policy to allow Anydesk traffic.
1. In Fortigate, expand Policy & Objects, then click IPv4 Policy and then click + Create New.
2. Now, type a Name for the new policy (e.g. “Anydesk”) and below set the following settings and click OK:
-
Incoming Interface: LAN_Interface (Internal)
-
Outgoing Interface: WAN_Interface
-
Source: LAN
-
Destination: AnyDesk-AnyDesk (add it as “Internet Service”)
-
Action: Accept
Security Profiles:
-
Antivirus: Off
-
Web Filter: Off
-
DNS Filter: Off
-
Application Control: Off
-
SSL Inspection: no-inspection
3. Finally, drag this policy to the top of other polices and then try to connect to Anydesk.
Method 3. Allow All Unrated Connections in Web Filter.
Another method, to fix the Anydesk connection problem in FortiGate/FortiGuard, is to allow in Web Filter settings all the connections that categorized as Unrated.
* Note: This method is less secure because will allow all connections under the Unrated category.
1. In Fortigate, expand the Security Profiles menu and click Web Filter. Then click on the default web filter profile and click Edit.
2. Under the Pre-configured filters, click in the Unrated category and then click Allow. Then, click OK to apply the change.
3. Allow 4-5 minutes for the change to take effect, then try connecting in to Anydesk again.
That’s it! Which method worked for you?
Let me know if this guide has helped you by leaving your comment about your experience. Please like and share this guide to help others.