ESS 4 blocked my internet

Discussion in 'ESET Smart Security' started by esregistered, Apr 14, 2011.

Thread Status:
Not open for further replies.
  1. esregistered

    esregistered Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    2
    I had purchased ESS 4 with 10 user license. After installing and configuring firewall to Automatic Mode with exceptions (user-defined rules).
    before describing my problem, i would like to tell you my machine configuration,

    Machine's OS is Windows Server 2003 ENT, with MS ISA 2000 with Integrated Mode.
    Having Two LAN Cards,
    WAN card has an Live IP.

    Actual reason to buy ESS was my proxy server was being used as a relay server for spam. i had tried to disable ping from ISA but all in vain. then i had planned to bought ESS. After installing and configuring it i got ICMP ping blocked with LDAP and other net bios services running. but one bigger problem arouse here that was

    i wasn't able to access internet on that machine nor anyother machine through proxy. Errors displayed in IE are;

    On ISA Server Machine = DNS or name resolve Error

    on client (using proxy) = ISA Server refuses the connection

    where as i can update my isa server client installed on client machine.

    Log i am getting into my Firewall Log window is,

    TCP packet not belonging to any open connection.

    Help me configuring all this. i just want to block Ping to my live IP. else all services should work.

    Thanks
     
  2. MattJN

    MattJN Former ESET Support Rep

    Joined:
    Feb 19, 2010
    Posts:
    149
    Hello,

    I would like to clarify this point: do you have Smart Security installed on your ISA server? If so, I would strongly recommend removing it and installing NOD32 Antivirus instead.

    Also, you should reset the firewall rules on one computer, set the firewall mode to interactive, then allow/deny prompts as they appear and check "remember action (create rule)" each time one appears.

    Also, you should open the ESS GUI, press F5 for advanced setup, then locate and click on IDS and advanced options on the left. Scroll the options to the bottom of the list and check the box for "Log all blocked connections". Also, uncheck the box further up the list for "TCP protocol overload detection" and "TCP Port Scanning Attack", then click OK.

    Once you stop getting prompts from the interactive firewall mode, change it back to Automatic mode with exceptions. Then, from the GUI, click Tools > log files and drop the menu down and choose "Eset Personal Firewall log". Check to see if you are still getting entries for "TCP packet not belonging to any open connection" like you saw before.

    Hope that helps.

    Thanks,

    Matt
     
  3. esregistered

    esregistered Registered Member

    Joined:
    Apr 14, 2011
    Posts:
    2
    Thanks Matt,

    It seemz to be worked fine, Pings are off, firewall and proxy are working gud..Interactive mode is on..will go back to automatic mode when everything will remain cool and calm..Thanks for the help..
    :thumb: :thumb: :thumb: :thumb:
     
Thread Status:
Not open for further replies.