CHX-I SPI messed up my LAN and internet.

Hi,
I've happily been using CHX-I on my dial-up modem for a year or so. I just used the basic ruleset and added a few extras to allow applications I needed specifically.

Just tonight I got ADSL, and set up my modem. Even though the DSL modem has SPI, NAT, ACL's, etc, I would still prefer to have CHX-I running as well since it doesn't use up much memory anyway, but when I moved all my rules from the dial-up section of the packet filter page, to the LAN section and then turned on SPI for tcp, udp, and icmp, it seems to stop me talking to other computers on my lan, and stops msn from working.

Can anyone please tell me what I'm doing wrong and how to fix it. if I turn off SPI under LAN connection it all works fine, but if I turn on SPI under LAN connection (even with no rule list) it breaks my LAN and internet.
I remember even when I had my 56K modem and tried to turn on SPI for my LAN it caused trouble back then, so I doubt it has anything to do with the adsl modem.

Any suggestions would be appreciated. Is there any point just leaving SPI turned off? or is there something I'm doing wrong.

Thanks

 

just a follow-up. I turned of SPI under "dial-up or vpn" and it seems to have fixed the problem. Not sure why this was stuffing up my network. Can someone tell me if I should be using the same ruleset I was using with my dial-up for adsl? if now, what base ruleset should I use?

 

If your router has SPI then theres really no need for software SPI imo.

 

ok, thanks. My remaining question still is, whether there's a different ruleset base I should be using for my adsl as opposed to the dial-up I was using? I can't get onto the website that chx-i belongs to, so I can't find any rulesets besides the one I downloaded for my dial-up connection.
Is there even any advantage of me using chx-i because I ran the shields up tests on grc and they all came back fine, without chx-i installed.

 

Why don't you post your logs and see what is being blocked, that might help us in helping you and by the way, turning off SPI with the default ruleset means that the firewall will permit every single thing, except for inbound TCP SYN, so running CHX-I with the default ruleset is pretty worthless without SPI

Cheers,

Alphalutra1