Internet access blocked by ESET Firewall – Solution?

We’ve had terrible difficulties with the ESET firewall.

The Technical environment

  • PC is Lenovo ThinkPad with Vista SP2
  • Router is Netgear DG834N
  • Versions of ESET – both Version 3 and Version 4

The Problem

The initial symptom was that internet access was either blocked or very intermittent. 

On further checking it seemed that the PC could not get IP address from DHCP on router. This also meant that local network access was blocked.

A partial solution was to hardcode the IP address and this gave local access but still no reliable internet access.

After lots of trial and error we isolated the problem to the ESET firewall. We absolutely knew this was the cause as simply suspending the firewall always resulted in reliable internet access.

What we tried 

Here’s list of all the things we tried that did not work:

1. Reset Netgear Router to Factory Settings and reboot the PC

2. Reset ESET Personal Firewall to initial settings

  • I was confident this would fix the problem but it did not.
  • If you are interested an entry in the ESET Knowledgebase says how you can do this. It involves deletion of these files after rebooting into Safe Mode:
    • - epfwdata.bin
    • - EpfwTemp.dat
    • - EpfwUser.dat

3. Delete history and cache

  • Seemed then ok for 45 minutes or so but then problem returned

4. Switch router off for 30 minutes

  • This supposedly resets link at the local Telephone Exchange)

5. Change to OpenDNS settings in router (in place of letting router get info from ISP). This involved using these DNS addresses: 

  • 208.67.222.222
  • 208.67.220.220
  • This had a bad result – no connections at all! Even if these settings made for PC and Router

6. Removed IP V6 from protocols

  

7. Changed all network properties to match a similar (working) PC

  

8. Enabled LMHosts LookUp

  

9. Changed ESET Configuration Settings

  • Deselected
    • ARP Poisoning attack detection
    • DNS Poisoning attack detection
    • Both as suggested in ESET Knowledgebase article SOLN2217
  • Added (as a wild guess):
    • Maintain inactive TCP connections
    • Allow communication for bridged connection

10.Also switched ESET firewall to interactive mode and chose the “Set rule” option each time.

  • This gave added fun and games and generated two blue screen crashes

11. I enabled Test Mode

This setting is accessible from Advanced SetUp, Update, Setup.

Setting test mode “on” had no effect on the problem. Test mode allows ESET software to download the very latest level of ESET software. In my case this resulted in download of the “Personal Firewall Module: 1010 (20090625)”. This update seemed to enable successful access to the Internet for a few hours but then the problem returned.

You can check which release of the Firewall module you are using via the ESET program window. Click on ‘Help’ then ‘About’.

What I did next

I simply switched off the ESET firewall and now use the Vista firewall. The result – everything is now working

This all looks like very bad news for ESET users. I have been a great fan of ESET software. But their forums are full of problems like this.

Some users have found that the problem arose on version 4. But I upgraded to Version 4 to hopefully escape the problem on version 3 – and in fact the same problem arises on both versions.

I was also very surprised that restoring the firewall to default settings did not fix the problem. I can only assume that some registry settings are screwed up and this is unaffected by a rest to default settings.

The future

I hope ESET can fix these problems. But I will certainly be on the lookout for a more reliable firewall. In the end a Microsoft product wins. Is that a first!

This entry was written by teknobabble, posted on June 26, 2009 at 6:37 pm, filed under Firewall and tagged , . Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback.

8 Responses

Write a Comment»
  2. Emman Carl P. Rubin
    October 18, 2009 at 12:25 am | Reply

    yup..i have the same problem here. Im from philippines and im also an avid and loyal supporter of eset. I installed eset smart security 4 business edition but then again in these past few days ny internet connection has many problems..it cant load and always ‘request time out’. when i ping it, it will take a long very looooooooooong time to establish a connection but after a few minutes the connections got problem and returend to a bad state – i always “TRY AGAIN” in firefox..

    but when i uninstalled eset, my internet connection is now SO BETTER. i returned to my XP firewall, change to defaults and all is better, oh, its BEST. i then install ESET NOD32 virus scanner only for virus problems. I did not install anymore the FIREWALL feature..which is a feature on their smart security products..

    i think eset has not made their firewall polished.

  3. Russell
    December 19, 2009 at 3:25 am | Reply

    Try running this in the run command on windows:

    netsh winsock reset

    This did the trick. I am now happy and it all works. Moderator, please remove my previous comment. Thanks.

  4. John Hobbs
    March 16, 2010 at 11:02 am | Reply

    I had Firefox and Thunderbird logon problems. I found switching off Peer Guardian solved all of my problems. This is one of the problems I had that ESET picked up: 05/03/2010 11:14:51 Detected DNS cache poisoning attack 192.168.0.1:53 192.168.0.100:1290 UDP and also 16/03/2010 09:57:49 Packet blocked by active defense (IDS) 192.168.0.100:1275 78.33.33.73:80 TCP . ESET have suggested that I allow them to connect remotely to my machine and they will “investigate and remove the problem”

  5. David
    March 31, 2010 at 7:58 pm | Reply

    Installing Vesion 4 over version 3 causes serious problems, unistall and reinstall will fix many problems that occur if you install over an existing version. (ESET should check in the install script and not allow this!)
    ESETs firewall is excellent in V 4, just because it finds high risk behavior risky isn’t a reason to knock it. There is no doubt that better explainations and faqs about certain conflicts should be documented for easy review, but if you configure correctly it is a fantastic product even running on a server where it “should’t be installed” and where it has to deal with very high traffic levels it works great. I love it, and V4 is a big improvement over 3 in my experience.

  6. mieses
    April 20, 2010 at 3:31 am | Reply

    Every version of ESET’s firewall, from v3 to v4, has problems with basic issues such as renewing DHCP IP addresses. ESET seems to be hiding their heads in the sand. The documentation and knowledge base provide no help at all on such issues.

  7. Kristina
    April 27, 2010 at 8:12 am | Reply

    I have to agree on the criticism. I have noticed these issues back in the 3 series and after removing ESET Smart Security,, I decided to try and reinstall (after good 6 months) because I absolutely loved it’s performance in the past..

    My issues are not with internet connection as a whole but are definitely tied to winsock. There is nothing I haven’t done to re-set to clean up,, to modify,, so on,, the issue remains…

    Considering the magnitude of the problem I agree that ESET should be A LOT more proactive about resolving this…

  8. 黑帽SEO
    May 13, 2010 at 7:46 am | Reply

    Nice post…Thank you for sharing some good things!!

Leave a Comment

Your email is never published nor shared.