silent blocking in interactive mode FW

I am trialling ESS 3.0.563 on windows xp sp2 32bit. FW is set up in interactive mode, with no blocking rules present. I enabled logging of FW blocking connections and worms.
I run windows 2000 in a vmware virtual machine (Network is "bridged"). I have a VPN (Virtual Private Network) client, but no FW installed on the virtual machine.
When I disable the firewall of ESS (on host computer), VPN connection works OK in the virtual machine. When the FW of ESS is set to interactive mode, the VPN software reports that it is unable to connect. I see no popups from ESS, and there are no FW logs created.
I conclude that FW blocks some communication withouth popup or logs, which is a Bad Thing. I reviewed the FW settings, but I do not see anything being set to silently block.
Any advices on how to let this VPN through without completely disabling the FW?

 

Hi!

Enter the Advanced Setup Tree (F5)

1. Navigate to Personal Firewall.
Choose Interactive Mode

2. Navigate to Personal Firewall -> IDS and Advanced options
Make sure all services are allowed (a.k.a 4 services)

3. In Personal firewall -> IDS and advanced options , enabled logging


Then,
Open Personal firewall > Rules and zones > Zone and rule setup
Choose Toggle detailed view of all riles (if already not set to this)
Uncheck every rule that has Block in the name .

Confirm with OK.

Start creating new rule:


Name : your choice
Direction : Both
Action : Allow
Protocol : TCP & UDP

Additional action:
check Log


In Local tab - For every (ports)
In Remote choose - For every (ports)
Then (AFAI remember , you should enter the IP address . So here enter the IP of the vpn client - example 192.168.16.1) .

Confirm with OK and restart.Try again

 

Thank you HiTech_boy,
This part was new to me. I was unaware that there are FW rules applying to all applications, not being shown in the application tree view. Maybe there could have been a quasy-application called "All applications" to show, and group those rules in this view.
Anyway I created a new rule, and just for test purposes allowed any communication whatsoever. My VPN got through this way. But if I disable this rule or set it to Ask, the connection gets blocked without a popup dialog from ESS. I am starting to get the impression that
- ESS is unable to identify any application behind the communcation. This is visible in the logs
- it won't show an ask dialog if application is unknown, even if mode is interactive and/or rule is "ask", but silently block instead
I am worried about this later finding - I don't like silent blocking in a FW because it hides the information from me that some app. on my system is started being nasty, and also makes it harder to create the proper allow rule.

Hmm, by the way how do I reoder the detailed FW rules, so they get processed in a different order than creation order?

 

I wanted to thank you all for the detailed answer. It worked well.

A few remarks which may help others:
- I experienced it with WMware version 5
- I read somewhere the advice to switch from "bridged" to NAT. I did NOT do so, and it works.
- I put the tick back in the "blocked" lines after the problem was solved, and it seems to run fine.
- It seems the key is to add the new rule to pass the traffic for the VPN target address. The logging allows to identify the exact port(s).

Thanks