Failure to detect network after modem reset

Discussion in 'ESET Smart Security' started by diskonekted, Oct 2, 2012.

Thread Status:
Not open for further replies.
  1. diskonekted

    diskonekted Registered Member

    Joined:
    Oct 1, 2012
    Posts:
    7
    Location:
    Australia
    So, like the title eludes; I have problems accessing...everything, after a modem reboot.

    For the record, I'm running Win 7 SP1 x64 with ESS 5.2.9.1 with pre-release updates. My network has gone through different iterations during my troubleshooting, but at current is:

    * Full Cat 6a cabling - although computers are only 1GbE
    * WiFi N
    * Both provided by Billion 7800N, but previously was Linksys WAG320N and before that Netgear DG834G.
    * Using dedicated IBM X346 server running SNORT for edge protection, but have isolated it from various tests.

    I've gone through my network with a fine tooth comb and have isolated this problem to ESS. I live approximately 10Km from the telco exchange and get poor sync and speeds; so I have my modem to re-negotiate (via reboot) every 7 days or so.

    Now, if I have a computer on in the house before the reboot, all is well. The modem reboots and the computer is 'stuck' in a state where it can detect a network connection, but not the internet.

    I should note that I work in the IT industry and have configured my network, system(s) and ESS security policy to a level that one would expect from a system administrator, not just the default install config.

    My network addressing has been statically assigned within ESS to be trusted, but it seems that once the connection is lost the firewall can't determine that it's the same network once it comes back up.

    I've been able to replicate this via WiFi also (i.e. a hard-wired computer will activate/deactivate the wireless interface on the modem/router whilst a laptop attempts to connect).

    I can get around this by disabling the ESS firewall for a moment, make a connection to the internet, then re-activating the firewall. Although a work-around, I'm not comfortable with this method. A reboot of the computer(s) will also correct this, but hardly ideal.

    It seems that other have had problems with this 'network detection' but I couldn't find a set thread so have created this one....
     
  2. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    When you run into the issue again, try enabling logging of blocked connections in the IDS setup, then check the firewall log for details about the blocked communications and copy/paste the relevant records here. It'd be also interesting to know if unticking the check box next to "Epfw NDIS Leightweight Filter" in your adapter's settings makes a difference.
     
  4. diskonekted

    diskonekted Registered Member

    Joined:
    Oct 1, 2012
    Posts:
    7
    Location:
    Australia
    Thanks for both or your replies; I've tried most of what's listed in the linked KB articles, but will try removing the ARP and DNS poisoning protection for the sake of testing.

    I'll replicate the issue tomorrow morning and will post the log info.

    Thanks again.
     
Thread Status:
Not open for further replies.