It keeps detecting attacks that just aren't happening. For example, dns poisoning attacks from my dns servers. TCP Desynchronization attacks from clean computers on my LAN, thus blocking filesharing.

It also blocks my vpn client (Cisco) from connecting to work, even though I've approved every dialog that has popped up about it and it's listed as "allow all communication" in the rules. Apparently that's not enough to allow it through. The actual communication is presumably handled by something I don't get an opportunity to allow.

Hopefully some of this will be sorted in beta2 so I can enable the firewall again. It seemed to strike a fair balance. Being effective without being overly nagging.

VPN - this is partly based on intruction for Outpost FW but it worked.

Browse for vsdata.dll and vsdatant.sys, rename the files in Windows Directory

Open regedit, navigate to HKEY_LOCAL_MACHINE, then System. Under ControlSet001, ControlSet002, and CurrentControlSet, look inder Services for a key called vsdatant. Delete the key.

Add the vpn server (IP address) to the trusted zone.

Add in/out rights to the vpn clients (there are two files - vpngui and cpvnd). By default it only set allow to - I think it was in.

Dial up to the vpn. Everything should now work.

Paul

I appreciate the effort, but I'd rather not jump through hoops like that to appease a beta version. Hopefully it'll get sorted in subsequent releases. If not, I'm guessing I can fix it with a rule if I fiddle around long enough.

For now, I just disable it when connecting to work. Enabling it after connecting works fine.

Actually - I'm not sure it's an ESS issue? It may be, in part, an issue with Cisco trying to be compatible with ZoneAlarm (I think that was it) and causing a problem for other programs.

I went through those steps but it is possible that just giving the two cisco files (vpngui and cpvnd) IN/OUT rights may do it with out all the rest. In the end - it wasn't until I did that that the VPN connected.

Paul