Inbound connection on home network blocked

Discussion in 'Other ESET Home Products Beta' started by stackz, Dec 23, 2009.

Thread Status:
Not open for further replies.
  1. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    I get the above logged whenever someone tries to connect to my pc on the home network. It doesn't matter what mode the firewall is in, what addresses I add as trusted and what rules I add to allow communication. Any suggestions other than reverting to v4.0.474?

    Gateway 192.168.0.1
    My internal Ip Address 192.168.0.2
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Make sure that the subnet 192.168.0.0/255.255.255.0 is in the Trusted zone and incoming/outgoing NetBios requests in the TZ are enabled in the rule editor.
     
  3. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    619
    Location:
    Sydney Australia
    Hi Marcos

    Thanks for the reply. I already had subnet 192.168.0.0/255.255.255.0 in the Trusted Zone and under Rules for System process there were already rules for NETBIOS in/out. (I guess they're default rules as they can't be deleted or edited) Anyway to get the connection to work I had to add a non-specific application rule - Allow, Direction Both, UDP, Remote: Trusted Zone ports 137 -139, Local: ports 137-139.
     
  4. Eagle2000

    Eagle2000 Registered Member

    Joined:
    May 23, 2008
    Posts:
    14
    I think you should add your router IP address and your local network PC,s IP addresses to the Addresses excluded from active protection (IDS) in frewall zones settings..
     
  5. VidKo

    VidKo Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    41
    Location:
    Slovenia
    I can confirm the problem. My notebook is not visible/accessible in local area network when firewall is running, although I checked "Allow Sharing". As soon as I disable firewall, it's visible and accessible.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    This is a standard procedure to take in the event a connection is blocked by ESET firewall:
    1, make sure that disabling firewall resolves the problem
    2, enable logging of all blocked connections in the IDS section of the firewall setup
    3, reproduce the problem
    4, disable logging of all blocked connections
    5, check the firewall log for details about the rule that blocked the connection. You can subsequently create or adjust the appropriate rule or trusted zone so that any further connections are allowed.

    Please post here the relevant firewall log entries from the fw log so that we can see why your connections are blocked.
     
  7. VidKo

    VidKo Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    41
    Location:
    Slovenia
    Last edited: Jan 5, 2010
  8. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    This is an issue that Eset needs to address as everyone seems to have to make rule changes when the problem lies with 4.22
    I have 3 PCs in a network. All were running 4.0.474. I then updated one PC to 4.22 and the local network worked fine. The PC that I updated first was Win7. I then updated another PC (XP SP3) to 4.22 and this PC could not access any other PC or be accessed by the other two PCs in the network. The Win7 PC and the third PC (Vista) could still both talk to one another.
    So it is either 4.22 has an issue with XP or 4.22 on more than one PC in the network is an issue. Internet connection remained good on all PCs.
    If ESS is disabled on the XP PC, the PC is then back in the network again instantly. Re-enable ESS and it's gone.
    The log file on the offending PC has multiple "Block Incoming SSDP (UPNP) Requests" and "Block Netbios Name Service Requests". I have been through the rules and Netbios requests are allowed in the trusted zone. I even added local network IP addresses to the trusted zone and that still did not work. By the way, if you do add addresses to the trusted zone, ESS throws a hernia.
    Another problem with 4.22 is that if you untick Eset from the LAN Properties and then retick it again nothing you do will get the network adapter to work again other than uninstalling ESS and reinstalling. Once this has been tampered with you will not have any network or internet access and there is no fix other than uninstalling.
     
  9. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    As an update, the only way I could get the local network to work properly again was to create a rule on both the PCs using 4.22 that allows TCP & UDP in the Trusted Zone for all ports. There are a few existing rules regarding allowing netbios requests in the trusted zone but they all specify ports and I think these rules are not covering all the required ports.
     
Thread Status:
Not open for further replies.