Context Navigation

← Previous Ticket
Next Ticket →

#13959 closed defect (invalid)

No NAT since 4.3.14, CERT_E_REVOCATION_FAILURE on Sophos

Reported by:	mgehre	Owned by:
Component:	network/NAT	Version:	VirtualBox 4.3.24
Keywords:	sophos nat CERT_E_REVOCATION_FAILURE 4.3.12 4.3.14	Cc:
Guest type:	Linux	Host type:	Windows

Description

I'm runnig VirtualBox on Windows 7 x64 with a Linux (CentOS amd64) guest.

Since 4.3.14, NAT does not work in the guest. I get "Network unreachable" when trying using TCP or UDP. ICMP (e.g. ping) works correctly. DNS only works when using host resolver (Otherwise it's also network unreachable for its UDP packets).

It does work correctly when using bridged networking.

NAT works on 4.3.12, and does not work on 4.3.14, 4.3.16, 4.3.18, 4.3.22 and 4.3.24. Logs are all attached.

May it be related to the Sophos Web Intelligence tool? The log shows

45c.13f8: \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: Owner is administrators group.
45c.13f8: supR3HardNtViCallWinVerifyTrust: WinVerifyTrust failed with 0x800b010e (CERT_E_REVOCATION_FAILURE) on '\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'
45c.13f8: supHardenedWinVerifyImageByHandle: -> -22919 (\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll)WinVerifyTrust
45c.13f8: Error (rc=0):
45c.13f8: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -22919 (0xffffa679) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll: WinVerifyTrust failed with hrc=CERT_E_REVOCATION_FAILURE on '\Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll'
45c.13f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll
45c.13f8: Error (rc=0):
45c.13f8: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll': rcNt=0xc0000190

In addition, the computer I use has no general internet access (only some white-listed pages). Could that be a reason for the CERT_E_REVOCATION_FAILURE?

Attachments (6)

VBox-4.3.12-working-NAT.log (101.2 KB ) - added by mgehre 9 years ago.
VBox-4.3.16-non-working.log (98.9 KB ) - added by mgehre 9 years ago.
VBox-4.3.18-non-working.log (101.3 KB ) - added by mgehre 9 years ago.
VBoxStartup-4.3.16-non-working.log (417.0 KB ) - added by mgehre 9 years ago.
VBoxStartup-4.3.18-non-working.log (444.6 KB ) - added by mgehre 9 years ago.
VirtualBox-4.3.14-Error.png (81.1 KB ) - added by mgehre 9 years ago.

Download all attachments as: .zip

Change History (11)

by mgehre, 9 years ago

Attachment:	VBox-4.3.12-working-NAT.log added

by mgehre, 9 years ago

Attachment:	VBox-4.3.16-non-working.log added

by mgehre, 9 years ago

Attachment:	VBox-4.3.18-non-working.log added

by mgehre, 9 years ago

Attachment:	VBoxStartup-4.3.16-non-working.log added

by mgehre, 9 years ago

Attachment:	VBoxStartup-4.3.18-non-working.log added

by mgehre, 9 years ago

Attachment:	VirtualBox-4.3.14-Error.png added

comment:1 by Valery Ushakov, 9 years ago

Yes, the failure to validate the signature is what causes the problem.

comment:2 by mgehre, 9 years ago

What does CERT_E_REVOCATION_FAILURE mean in this context?

comment:3 by Frank Mehnert, 9 years ago

Guest type:	Windows → Linux
Host type:	Linux → Windows

comment:4 by mgehre, 9 years ago

I found a fix: Disable CRL Checking Machine-Wide Control Panel -> Internet Options -> Advanced -> Under security, uncheck the Check for publisher's certificate revocation option

It seemed that the URL for Sophos CRL was not allowed by our proxy, thus VirtualBox validation failed with CERT_E_REVOCATION_FAILURE. After disabling the CRL, NAT works with current version of VirtualBox.

Thanks!

comment:5 by Valery Ushakov, 9 years ago

Resolution:	→ invalid
Status:	new → closed

Note: See TracTickets for help on using tickets.

Download in other formats: