If you are trying to allow/block AnyDesk connections in Kerio Control, this guide is for you! You may have noticed that the Content Filter in Kerio Control does have some remote access software listed (TeamViewer, for example), however, AnyDesk is not included, so you will not be able to leverage the Kerio Control Content filter for this purpose.
Instead, you can use the Traffic Rules in Kerio Control to allow/block this kind of traffic.
To allow/block AnyDesk using Kerio Control, follow these steps:
Create an IP Group for AnyDesk:
- In the administration interface, click the IP Address Groups in the Definitions section.
- Add a new IP Address Group and in the Addresses field, add anydesk.com.
Create a new AnyDesk service
- Create a new Traffic Rule with the below details:
Rule type: Generic, with Action Drop (in case you want to block the traffic) or Allow (in case you want to allow it)
- Source: Use Trusted/Local trusted interfaces. This can be made more specific like using addresses, users, etc.
- Destination: Use the IP Address Group created above.
- Services: Select the AnyDesk service you had created in step 2.
- Double click the Translation column and configure it with Source NAT
- This is how the traffic rule should look like when trying to block the AnyDesk traffic:
- Rule type: Generic, with Action Drop (in case you want to block the traffic) or Allow (in case you want to allow it)
- Make sure that the AnyDesk traffic rule sits at the top of the list (or above any other rule that may interfere with the AnyDesk required ports)
This article provides a step-by-step guide on how to allow/block AnyDesk using Kerio Control, despite the Content Filter rules not having AnyDesk by default.
What ports should I block to prevent AnyDesk traffic?
Block AnyDesk traffic on these ports: 80, 443, 6568, and 7070 (TCP).
What should I do if I want to allow AnyDesk traffic?
The exact same steps as above can be followed, with the only difference that the action will be to Allow instead of Drop