Random connectivity issues on server - possibly ESS firewall issue

Discussion in 'ESET Smart Security' started by bludragon, Jun 12, 2011.

Thread Status:
Not open for further replies.
  1. bludragon

    bludragon Registered Member

    Joined:
    Jun 12, 2011
    Posts:
    3
    I have been happily using NOD32 and ESS Home Edition for several years now with very few issues. A couple of months ago, I setup my first Windows-based server running Server 2008 R2 and I naturally chose to install ESS Business Edition on it. This machine fills the AD, DNS, and Web Server roles along with network storage duties for my small work group.

    For the first week that I had the server setup, I "trained" the firewall by setting it to interactive mode and then switching it to Auto mode with Exceptions as I have in the past. This setup had been working fine up until a couple of weeks ago, when I started having random connection issues from my main client PC. Sometimes I would get timeout errors when connecting to various services such as RDP and SFTP or accessing hosted Web sites and I would also experience Delayed Write Failures while accessing the network shares. As you can imagine, this wass very disruptive to my work flow so I began to look for an answer the other day. I started by testing the NICs in both my client PC and the server but found no issues. I then checked the Event Logs on both machines but again found no answers. In a fit of desperation, I tried disabling ESS's firewall on my client machine with no luck and then did the same on the server. Success! for the past 24 hours I have had no issues what so ever. It looks like ESS and its firewall may have been the cause.

    Obviously, disabling the firewall on a server is not ideal so if I could get some insight into what might be causing this problem, I would highly appreciate it!

    P.S. - Sorry for the long post.
     
  2. MattJN

    MattJN Former ESET Support Rep

    Joined:
    Feb 19, 2010
    Posts:
    149
    Hello,

    This is the reason why I direct customers to NOT install Eset Smart Security on the server. Servers have many more inbound and outbound connections related to services hosted on it and network functionality, and installing ESS on it is a really easy way to cause problems with your network and applications. Even setting the firewall to "Interactive" or "Learning" mode has the possibility of creating problems.

    Thanks,

    Matt
     
  3. bludragon

    bludragon Registered Member

    Joined:
    Jun 12, 2011
    Posts:
    3
    What do you recommend for security, then? I would like to keep ESS since I have already paid for it, though.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If you have a suspicion that ESS is blocking certain connections, enable logging of blocked connections in the IDS setup, reproduce the problem and then check the firewall log for details about the blocked connections. This way you should be able to adjust existing, or create new rules to allow the traffic. In case of further problems, contact customer care and they should be able to assist you further.
     
Thread Status:
Not open for further replies.