IDS forces my router to shutdown

Solved: IDS forces my router to shutdown

Hello folks.
I have following problem:
Yesterday, out of nowhere, ESS started to block any kind of communication to my PC. When I disable the firewall, everything is just fine.

When I enable it I can't log into it.

I tried to find the error so I checked the log file and always when I try to login ESS detects a TCP port scan and shuts down any traffic. The router is forced to reboot.

I tried to define the router IP as trusted, tried to add a new trusted zone, tried to add a complete new profile with new rules, tried to reinstall, but it is still giving me port scan messages and is blocking packets.

The only way that works is to exclude the router's IP from IDS. But is my PC safe when I do that?
Should I activate Windows 7 firewall instead?

 

Some devices perform port scan attacks and need to be excluded from active protection. I don't think that your router might become compromised somehow so excluding its IP address from active protection should expose you at risk.

 

Thank you for your reply.

The problem isn't solved. ESS is still blocking traffic to the router. I tried to solve the problem by entering a firewall rule that allows every traffic from my PC to router and back on any port.

Are you sure this safe?

 

Bigabe,

Try to configure the modem like a bridge type, not PPPoEt. And check is ESS still blocking traffic...

P.S. Also in PPPoEt mode change the name, change the IP (by the way change your standard IP 192.168.1.xxx, some modems blunt if you change all the digits of IP...Well, after this you can try to make a new rule again

 

Thank you for your answers.

I've solved the problem. My router has a function that scans every device in its network for every running processes, so I just have to click on my PC per example and can see if there are any netbios services or anything.
ESS thinks this is an attack and closes everything.

I turned the service of the router of and now everything is just fine.