Troubleshooting Documentation

Overview:

This article provides troubleshooting steps to resolve common issues related to high CPU and RAM usage, as well as functionality disruptions in the Timus Connect application. It aims to assist in identifying and addressing problems that may arise due to antivirus or endpoint protection software blocking key executables or interfering with the application's native operations. By following these guidelines, users can ensure smooth performance and prevent potential conflicts that could lead to prolonged processes or system slowdowns.

To ensure full compatibility and performance of the Timus Connect application, it is critical that all related executable files are properly whitelisted in both Antivirus (AV) and Endpoint Protection Platform (EPP) tools.

Failing to whitelist these files may cause:

• High CPU and memory usage
• Stuck or unresponsive processes
• VPN connection failures
• Performance degradation due to blocked native API calls or memory hooks

Modern AV/EPP solutions may block more than just the executable file. They often inspect runtime behavior, command-line parameters and system-level API calls. Therefore, it is essential to allow not only the executables but also their full runtime behavior.

✅ Required Executables for Whitelisting

The following files must be excluded from scanning, behavioral analysis, and execution restrictions:

C:\Program Files\Timus Connect\Timus Connect.exe
C:\Program Files\Timus Connect\Uninstall Timus Connect.exe
C:\Program Files\Timus Connect\resources\elevate.exe
C:\Program Files\Timus Connect\resources\service\timus-connect-service.exe
C:\Program Files\Timus Connect\resources\service\timus-helper-service.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\certutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\modutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\pk12util.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win32\shlibsign.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\certutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\modutil.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\pk12util.exe
C:\Program Files\Timus Connect\resources\service\lib\win\nss\win64\shlibsign.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\openssl.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\openvpn.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\openvpn_2.4.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\tapctl.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\tuntap_win\tapctl.exe
C:\Program Files\Timus Connect\resources\service\lib\win\openvpn\tuntap_win\tapinstall.exe
C:\Program Files\Timus Connect\resources\service\lib\win\telemetry\timus-telemetry.exe
C:\Program Files\Timus Connect\resources\service\lib\win\wireguard\amd64\timus-wireguard-tunnel-service.exe
C:\Program Files\Timus Connect\resources\service\lib\win\wireguard\amd64\wg.exe

🔐 General Whitelisting Guidelines

To ensure full functionality, perform whitelisting at two levels:

1. Client-Side Agent – Exclude paths directly on the endpoint
2. Central Console – Apply policy-wide exclusions for consistency and scale

For maximum compatibility:

• Exclude by exact file path
• Exclude entire Timus Connect folder to cover future updates

🔧 Configuration by Vendor (Antivirus + EPP)

1. Windows Defender (Microsoft Defender for Endpoint)

Client UI:

• Go to Windows Security → Virus & threat protection → Manage settings → Add exclusions
• Add both individual .exe files and the full folder path

PowerShell (for bulk deployment):

Add-MpPreference -ExclusionPath "C:\Program Files\Timus Connect"

Microsoft Defender for Endpoint (MDE Console):

• Go to Device Configuration → Endpoint Security → Antivirus → Policy
• Add exclusions under Microsoft Defender Antivirus settings

2. BitDefender GravityZone

Control Center:

• Navigate to Policies → Antimalware → Settings → Exclusions
• Add file paths for all relevant executables and their subfolders
• If “Advanced Threat Control” flags the app, add a Process Exception

Client:

• Open local agent settings → Go to Protection → Manage Exclusions
• Add relevant paths manually

3. SentinelOne

Management Console:

• Navigate to Threat Protection → Exclusions
• Add executables by path
• Create Behavioral AI exclusions to allow elevated processes and tunneling apps (OpenVPN/WireGuard)

Note: SentinelOne client does not support local UI configuration—central management only.

4. CrowdStrike Falcon

Cloud Console:

• Go to Configuration → Prevention Policies
• Add to “Allow List” using exact path
• Confirm that the process is excluded from behavioral blocking policies (e.g., “Process Injection” or “Credential Access” rules)

5. Trend Micro Apex One

Control Manager:

• Navigate to Policy Management → Agent Settings → Exceptions
• Add both file and folder exclusions
• Include all child .exe under Timus Connect path

Client:

• Right-click agent icon → Go to Settings → Scan Exceptions

6. Symantec Endpoint Protection

SEPM Console:

• Go to Policies → Exception Policies → Windows Exceptions
• Add by File, Folder, and optionally by File Type (.exe)

Client:

• Open SEP UI → Settings → Configure Exceptions

7. McAfee Trellix Endpoint Security

ePolicy Orchestrator (ePO):

• Go to Policy Catalog → Endpoint Security Threat Prevention → Access Protection → Exclusions
• Add by path and allow for:
  • Read/Write Access
  • Memory Access

Client Console:

• Open ENS client → Go to Threat Prevention → Show Advanced Settings → Exclusions

8. ESET Endpoint Security

ESET PROTECT Console:

• Go to Policies → Detection Engine → Exclusions
• Add all Timus .exe files and folders

Client Interface:

• Open ESET UI → Setup → Detection Engine → Manage Exclusions

9. ThreatLocker

Portal:

• Navigate to Application Control → Policies → Add Policy
• Create a custom group for Timus Connect
• Approve each executable manually
• Ensure compatibility with Ring0 operations (driver/low-level calls)

10. Datto AV/EPP

Control Manager:

• Navigate to Security Management → Policies → Exclusions
• Add full folder C:\Program Files\Timus Connect\ and all executable paths
• Allow behaviors: privilege elevation, service creation, VPN tunneling (OpenVPN/WireGuard)

Client:

• Open Local Agent→ Settings → Exclusions
• Add Timus Connect folder and executables manually
• Allow runtime behaviors if blocked

11. FortiEDR / FortiClient 

FortiEDR Console

• • Log in to the FortiEDR Management Console

  • Navigate to Policies → Endpoint Policies

  • Select your policy → Edit

  • In the left pane, choose Exclusions → File and Folder Exclusions

  • Click Add → browse to C:\Program Files\Timus Connect\

  • Select all .exe files and their parent folders under that path

  • Save changes → Publish updated policy

FortiClient (Client Interface)

• Open FortiClient on the endpoint

• Click Settings (gear icon) → Antivirus

• Scroll to Exclusions → Manage Exclusions

• Click Add Exclusion → Browse to C:\Program Files\Timus Connect\

• Select all .exe files (include subfolders) → OK

• Click Apply to activate exclusions

11. SolarWinds

Orion Console (Server-Side)

• Log in to the Orion Web Console

• Go to Settings → All Settings

• Under SAM Settings, click Manage File & Directory Monitors

• Select any monitor that might scan Timus files → Edit

• In Excluded Paths, click Add and enter: C:\Program Files\Timus Connect\

• Click Save and Apply

SolarWinds Agent (Client-Side)

• Open the SolarWinds Agent local UI (e.g. http://localhost:17778/)

• Click Settings → File & Directory Exclusions

• Click Add Exclusion → browse to: C:\Program Files\Timus Connect\

• Check Include subfolders

• Click OK, then Save or Apply

⚠️ Additional Notes on Runtime Behavior

• Some Timus components use privilege elevation (elevate.exe), create or manage services, and perform tunneling operations using OpenVPN and WireGuard.
• EPPs with behavioral engines may falsely classify this behavior as malicious.
• We strongly recommend creating behavioral exclusions where applicable to allow full functionality.
• Monitor the application’s performance post-deployment and check for flagged events in your EPP logs.

⚠️Additional Step: Run System File Checker (SFC) and DISM

If you continue to experience high CPU, RAM usage, or functionality issues after whitelisting the executables, it may be helpful to run the System File Checker (SFC) and DISM commands to repair potential system file corruption. Follow these steps:

1. Open Command Prompt as Administrator.
2. Run the following command to check for and repair corrupted system files:

   sfc /scannow

3. Once SFC completes, run the following DISM command to repair the Windows image:

   DISM /Online /Cleanup-Image /RestoreHealth

These steps can help resolve underlying system issues that might be contributing to performance problems or functionality disruptions.

Please note - Huntress currently does not support traditional software exclusions in the way antivirus or endpoint protection platforms might (e.g., excluding a specific folder or process from scanning).  We recommend putting the machine in maintenance mode when installing our application.

Summary of Actions

Overview

This article provides a step-by-step guide for resolving JavaScript errors when installing or launching the Timus Connect application on Windows. These errors are commonly caused by missing permissions or interference from endpoint security tools like BitDefender, Windows Defender, SentinelOne, and ThreatLocker. You’ll also learn how to properly configure exclusions and allowlisting to ensure smooth installation and operation.

Uncaught Exception: Error: EPERM: operation not permitted, mkdir ‘C:\ProgramData\Timus Connect’

This error indicates that the installer was unable to create a required folder due to permission issues or security software interference.
A similar error may also occur when attempting to create:

• C:\Program Files\Timus Connect

✅ Pre-Installation Checklist

Before proceeding, ensure the following:

• Administrator Rights
  The installer (Timus-Connect.exe) must be run with elevated privileges.
• Disable Conflicting Tools
  Close any VPN or network security tools (e.g., Todyl, other VPN clients) that may interfere with the network stack.
• Stable Internet Access
  Ensure the machine can access Timus services—see allowlisting requirements below.

🛠 Step-by-Step Resolution

1. Run the Installer as Administrator

• Right-click on Timus-Connect.exe → Select Run as administrator
• If deploying via RMM, ensure it's executed in the Local System or Admin context
• ⚠️ Do not run the installer from a network share—copy it to a local folder first

2. Manually Create Required Folders (Optional Workaround)

To prevent EPERM errors:

• Open File Explorer or Command Prompt as Administrator
• Create required folders:

  mkdir "C:\ProgramData\Timus Connect"
  mkdir "C:\Program Files\Timus Connect"
  

• Set folder permissions:
  • Right-click folder → Properties → Security → Edit
  • Add the Users group with at least Modify rights
  • Ensure Administrators and SYSTEM have Full Control

⚠️ Only grant the minimum permissions required. Avoid giving "Everyone" access.

3. Configure Security Software

🔒 Bitdefender (Endpoint or GravityZone)

• Policy → Antimalware → Exclusions
  Add:
  • C:\ProgramData\Timus Connect
  • C:\Program Files\Timus Connect
  • Timus-Connect.exe
• Firewall: Allow outbound HTTPS over port 443 (TCP/UDP)

🛡 SentinelOne

• Local Agent:
  • Add exclusions for Timus-Connect.exe, C:\ProgramData\Timus Connect, and C:\Program Files\Timus Connect
  • Add app to Controlled Folder Access
• Managed Environment:
  • Ask your security admin to allowlist the hash of Timus-Connect.exe
• Optionally, temporarily disable protection during installation

🔰 Windows Defender

• Add the following under:
  Windows Security → Virus & Threat Protection → Exclusions
  • Folder: C:\ProgramData\Timus Connect
  • Folder: C:\Program Files\Timus Connect
  • File: Timus-Connect.exe
• If Controlled Folder Access is enabled:
  • Allow Timus-Connect.exe via:
    Manage ransomware protection → Allow an app through Controlled folder access

⚙️ ThreatLocker

• Allow Timus-Connect.exe in Application Control policies
• Whitelist paths:
  • C:\ProgramData\Timus Connect
  • C:\Program Files\Timus Connect
• If issues persist, temporarily switch to Audit Mode during install

⚠️ Re-enable protection immediately after installation

4. Allowlist Required Domains & Ports

🔗 Domains

If wildcard rules are supported, allow:

• *.timusnetworks.com
• *.timuscloud.com

Otherwise, allow:

• auth.timuscloud.com
• user.timuscloud.com
• device.timuscloud.com
• config.timuscloud.com
• my.timusnetworks.com

🌐 Ports

Ensure the following are allowed:

If behind a proxy, configure it to allow Timus-Connect.exe access to these domains over port 443.

5. Re-run the Installer

• Reboot the machine (recommended)
• Try to install Timus Connect Application again.

This article explains how to troubleshoot IPsec tunnel issues and interpret related error codes for effective diagnosis and resolution.

Start by reviewing the View IPsec Logs article to locate IPsec logs within the Timus Manager.

Here are the IPsec error codes for both Initiators and Responders, along with their corresponding fixes.

Certain Endpoint Protection (EPP) and network security solutions can interfere with Timus Connect by modifying the system’s routing table. This interference disrupts VPN functionality, particularly for users relying on IPsec tunnels, split tunneling, and other VPN-related configurations. Additionally, kindly review the routing table to confirm there are no unusual entries that could be contributing to the issue.

Symptoms:

• Users are unable to access resources through Timus Connect.
• Network traffic is improperly routed due to altered routing tables.
• The connection appears active but fails to transmit data correctly.

Example: Todyl (SGN Connect) Interference on Windows

When Todyl (SGN Connect) is installed and actively running, it overrides routing tables to establish its own connection priorities. This can conflict with the routes set by Timus Connect.

Example of Routing Table Showing Interference (Windows):

Network Destination        Netmask          Gateway                Interface            Metric
0.0.0.0                    0.0.0.0          192.0.x.x (Todyl)      192.168.1.x           x

Cause:

EPP and network security software, such as Todyl (SGN Connect) and similar tools, manipulate routing tables to enforce security policies. These modifications may unintentionally disrupt Timus Connect’s intended network routes.

Workaround / Solution:

1. Disable or Uninstall Todyl (SGN Connect):

   • If the issue persists, temporarily disable the interfering software while using Timus Connect or uninstall it entirely:
   • Windows: Go to Control Panel > Programs and Features > Uninstall a program and remove the conflicting application.
   • MacOS: Use the application manager or terminal commands to remove it.

    

   Restart Timus Connect Application:

   • Restart the Timus Connect application to ensure it can properly update its routes.
   • Alternatively, you can restart the service from the system icon by right-clicking the Timus app and selecting the restart option (Windows & MacOS).

   

2. Routing Table:
   • Adjust routing tables to restore Timus Connect’s intended routes. To do this:
     • Windows: Run ipconfig /all to check active adapters, then use route print to view routing tables.
     • MacOS: Use netstat -nr to check routing tables.
     • Identify your SGN Connect gateway and compare it to the intended Timus Connect route.

Example of Correct Routing Table for Wireguard (Windows):

Network Destination        Netmask              Gateway             Interface        Metric
0.0.0.0                    128.0.0.0          192.168.249.x         192.168.249.3       x
128.0.0.0                  128.0.0.0          192.168.249.x         192.168.249.3       x

Recommendation:

If you encounter this issue, consider reviewing your routing table configurations using your terminal. First, check the active adapters by running ipconfig /all (Windows) or ifconfig (MacOS). Then, inspect the routing table using:

• Windows: route print
• MacOS: netstat -nr

Check for any entries inserted by security software. If another VPN or EPP is overriding the routing table, Timus Connect may not function as expected. Ensuring that only one VPN solution is managing network routes is crucial for maintaining proper connectivity.

Are you experiencing slower speeds than expected after connecting to the Timus Network? 

Several factors can contribute to this, but don't worry! This guide will help you troubleshoot the issue and get your connection back up to speed.

Initial Steps:

1. Application Updates: Ensure you're using the latest version of the Timus Network client application. Outdated software can sometimes lead to performance issues. You can set automatic updates within the Timus Network client application by accessing your device settings within manage.timusnetworks.com.
2. Conflicting Software: Uninstall any other VPN or network software running in the background. Even unused software might consume resources and affect your bandwidth.

If your client is up-to-date and there are no other programs running that could impact your connectivity. Please check the following troubleshooting steps:

• Check Maximum Transmission Unit (MTU)
• Ping Test with Varying Packet Sizes
• Identify Network Issues (Traceroute & MTR)
• Check Endpoint Configuration
• Performance Testing (Optional)
• Quality of Service (QoS) and ISP Throttling
• Firewall and Security Software

1. Identify Current MTU Setting

macOS:

1. Open Terminal.
2. List network services:

   networksetup -listallnetworkservices
   

3. Check current MTU:

   networksetup -getMTU <network_service>
   

Windows:

1. Open Command Prompt.
2. Check current MTU:

   netsh interface ipv4 show interfaces
   

2. Ping with Specific Packet Sizes

macOS:

1. Open Terminal.
2. Ping with a specific packet size:

   ping -D -s 1472 <gateway_public_ip>
   

Windows:

1. Open Command Prompt.
2. Ping with a specific packet size:

   ping -f -l 1472 <gateway_public_ip>
   

3. Adjust Packet Size Incrementally:
   • Start with 1472 bytes.
   • Reduce the packet size by small increments if you encounter packet loss or errors.
   • Find the largest packet size that does not result in fragmentation or packet loss.

3. Use Traceroute and MTR

Traceroute:

macOS:

1. Open Terminal.
2. Install traceroute (if not already installed):

   brew install traceroute
   

3. Run traceroute:

   traceroute <gateway_public_ip>
   

Windows:

1. Open Command Prompt.
2. Run tracert:

   tracert <gateway_public_ip>
   

MTR:

macOS:

1. Open Terminal.
2. Install mtr (if not already installed):

   brew install mtr
   

3. Run mtr:

   mtr -rw <gateway_public_ip>
   

Windows:

1. Open Command Prompt.
2. Install WinMTR (if not already installed) from https://sourceforge.net/projects/winmtr/.
3. Run WinMTR and enter the gateway IP to start the test.

4. Check Endpoint Configuration

ipconfig /all

macOS:

1. Open Activity Monitor.
2. Monitor CPU and memory usage to ensure they are not maxed out during the VPN connection.
3. Check network interface for errors:

   ifconfig
   

Windows:

1. Open Task Manager.
2. Monitor CPU and memory usage to ensure they are not maxed out during the VPN connection.
3. Check network interface for errors:

   ipconfig /all
   

5. Performance Testing

macOS and Windows:

1. Download and install iPerf3 from https://iperf.fr/.

2. Run iPerf tests to measure raw throughput with and without VPN:

   Download Test:

   iperf3 -c ash.speedtest.clouvider.net -p 5200-5209 -t 10 -P8 -R

   Upload Test:

   iperf3 -c ash.speedtest.clouvider.net -p 5200-5209 -t 10 -P8

During both the Download Test and Upload Test, please wait for the [SUM] result. The [SUM] values should be checked and considered carefully when reviewing the results.

6. Quality of Service (QoS) and ISP Throttling

macOS and Windows:

1. Check network QoS settings on your router or network management interface to ensure no QoS rules are throttling VPN traffic.
2. Confirm with the ISP that there is no throttling of VPN traffic.

7. Firewall and Security Software

macOS:

1. Open System Preferences.
2. Review firewall settings to ensure they are not limiting VPN throughput.
3. Check any installed security software for settings that might affect VPN performance.

Windows:

1. Open Control Panel.
2. Review Windows Defender Firewall settings to ensure they are not limiting VPN throughput.
3. Check any installed security software for settings that might affect VPN performance.

Additional Notes:

• If you're using macOS and don't have Homebrew installed, use the following command in Terminal: /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" to install it.  

If none of these steps resolve your bandwidth issue, please contact Timus Network support for further assistance at Support@timusnetworks.com 

What no gateways available mean and possible scenarios

This information message means that if the user is not allowed to connect to any gateway, a specific message will appear in the Timus Connect application.

The administrator must select the remote site for the user in the manager.

But there can be another root cause to show this error when;

• User might not access the Timus Cloud services or doesn’t have internet access.

To verify that, please run:

ping user.timuscloud.com
ping device.timuscloud.com

Also, try to go to user.timuscloud.com or device.timuscloud.com from the browser. If user can not reach connect application will not able to connect.

• timus-connect-background service is not running

  Go to Activity Monitor (Mac) or Task Manager (Windows) on your device and find timus-connect-service.

  Alternatively, you can go to http://localhost:49202 in your browser. If you see the output, it means the service is running.

  

  If you validate that the service is not running, please follow these steps:

  • [MacOS] Validate if service is running

    • Check if the plist file exists

      • Run the commands below to check if they exist:

        #for connect service
        cat /Library/LaunchDaemons/timus-connect-service.plist
        
        #for helper service
        cat /Library/LaunchDaemons/timus-helper-service.plist
        

      • After running the commands, if they exist, please run this command to load the service. After running, please check if the service has started.

        # Avoid if error occurs after running these commands. This is just a make sure none of instance exist on device
        sudo launchctl unload /Library/LaunchDaemons/timus*
        sudo launchctl load /Library/LaunchDaemons/timus*
        

  • [Windows] Validate if service is running

    Find services from search

    

    Make sure this 2 services are exist

    

    If they are not exist and running state try to install them manually see if any error occurs. For clean service install run these commands

    sc.exe stop timus-helper-service
    sc.exe stop timus-connect-service
    
    taskkill /F /IM "timus-connect-service.exe"
    taskkill /F /IM "timus-helper-service.exe"
    
    sc.exe delete timus-connect-service
    sc.exe delete timus-helper-service
    
    cd C:\\Program Files\\Timus Connect\\resources\\service
    
    timus-connect-service.exe -service install && timus-connect-service -service start
    timus-helper-service.exe -service install && timus-helper-service -service start
    

  After validation, if you see that the services are still not running and nothing works, try to start the service manually and check if any crashes occur.

  • [MacOS] Validate if service crash

    Run this command and see if service works

    #for connect service
    sudo /Applications/Timus\\ Connect.app/Contents/Resources/service/timus-connect-service
    
    #for helper service
    sudo /Applications/Timus\\ Connect.app/Contents/Resources/service/timus-helper-service
    

  • [Windows] Validate if service crash

    Run these commands

    cd C:\\Program Files\\Timus Connect\\resources\\service
    timus-connect-service.exe
    

  Let’s assume that a crash happened, which in most cases (99%) is a permission issue.

  At this point, it is better to perform a clean setup by removing all files we have and reinstalling Timus Connect. Please find the section with the clean setup steps for Timus Connect.

  Sometimes, SentinelOne, Bitdefender, or other security tools can prevent Timus Connect from working. We can confirm this by checking the task manager or asking the customer.

Timus Networks, a provider of network security solutions, includes SSL inspection capabilities in its Timus Manager to enhance security by decrypting and inspecting SSL/TLS traffic. This helps in detecting and blocking malicious content that might be hidden within encrypted traffic. However, in certain situations, bypassing SSL inspection for specific trusted websites or services may be necessary. This can be achieved by whitelisting these websites within the Timus Manager. Whitelisting allows specific domains to exclude the SSL inspection process, ensuring that the traffic to and from these sites remains encrypted and is not inspected.

 

How To Guide:

This guide aims to help you understand the benefits of bypass SSL inspection for specific domains in the Timus Manager by adding them to the whitelist.

 

Step 1: Log in to the Timus Manager Portal

 

Step 2: Navigate to the “Rules“on the Left-Pane

 

Step 3: Click on “Web Categories” in Drop Box Menu

Step 4: To Select The “ White List ”, Click On The “Ellipsis (...)” Icon Next To Its Name.

 

Step 5: Click “ Edit “ On The Drop Down Menu

 

Step 6: Click the “ Enter Domain “ Field And Type In The Desired Domain Name

 

Step 7: Click on “ Add “ Button

 

Step 8: Click “ Save “

 

Conclusion:

By following these steps, you successfully bypass the domains for SSL inspection. Whitelisting domains to bypass SSL inspection in the Timus Manager is necessary to maintain the integrity of certain encrypted traffic and ensure smooth operation for trusted websites and services. This approach provides security and functionality by allowing critical or trusted traffic to remain encrypted while continuing to inspect other traffic for potential threats.