Enscape and DPI-SSL don't play nice

Please note: Should you experience issues with Enscape or your subscription, and in case of any urgent inquiries/questions (e.g. regarding our upcoming licensing changes) please reach out to our dedicated support team via the Help Center or Support button as detailed here.
  • We have a UTM (Sonicwall) that performs DPI-SSL inspection. I.e. it acts as man-in-the-middle to examine encrypted data for malware. Most of the times, this works well. But not Enscape - when starting Enscape (revit), it stalls at 95-99% and hangs. Taking revit down also. Now there's a list with firewall exceptions but that doesn't seem to be complete. Yesterday, I ran Nirsoft CurPorts and then started Enscape, I saw Revit briefly making contact with server-13-227-211-148.ams54.r.cloudfront.net. Added that domain to exclude from DPI-SSL, and after that, Enscape ran fine. My gut told me this wasn't to last. And indeed, today the same problem appears. This time, Enscape tries to contact server-18-65-39-11.ams1.r.cloudfront.net. So added that to the list with exceptions as well. And again, Enscape ran fine.

    "Why not add cloudfront.net to the list with exceptions" you might ask. Well, cloudfront.net hosts a LOT of stuff you definitely want to scan for malware. So I wonder if there's a more elaborate list of domains to exclude from firewall / UTM actions?

    • Best Answer

    Hi Koppes Bouwkunde

    Thank you for bringing this up in the forum as well.

    As mentioned in the ticket you sent in, it seems there was a URL missing in our Proxy & Firewall Knowledgebase article indeed.

    It has been added by now.