Internet access blocked by ESET Firewall – Solution?

We’ve had terrible difficulties with the ESET firewall.

The Technical environment

  • PC is Lenovo ThinkPad with Vista SP2
  • Router is Netgear DG834N
  • Versions of ESET – both Version 3 and Version 4

The Problem

The initial symptom was that internet access was either blocked or very intermittent. 

On further checking it seemed that the PC could not get IP address from DHCP on router. This also meant that local network access was blocked.

A partial solution was to hardcode the IP address and this gave local access but still no reliable internet access.

After lots of trial and error we isolated the problem to the ESET firewall. We absolutely knew this was the cause as simply suspending the firewall always resulted in reliable internet access.

What we tried 

Here’s list of all the things we tried that did not work:

1. Reset Netgear Router to Factory Settings and reboot the PC

2. Reset ESET Personal Firewall to initial settings

  • I was confident this would fix the problem but it did not.
  • If you are interested an entry in the ESET Knowledgebase says how you can do this. It involves deletion of these files after rebooting into Safe Mode:
    • - epfwdata.bin
    • - EpfwTemp.dat
    • - EpfwUser.dat

3. Delete history and cache

  • Seemed then ok for 45 minutes or so but then problem returned

4. Switch router off for 30 minutes

  • This supposedly resets link at the local Telephone Exchange)

5. Change to OpenDNS settings in router (in place of letting router get info from ISP). This involved using these DNS addresses: 

  • 208.67.222.222
  • 208.67.220.220
  • This had a bad result – no connections at all! Even if these settings made for PC and Router

6. Removed IP V6 from protocols

  

7. Changed all network properties to match a similar (working) PC

  

8. Enabled LMHosts LookUp

  

9. Changed ESET Configuration Settings

  • Deselected
    • ARP Poisoning attack detection
    • DNS Poisoning attack detection
    • Both as suggested in ESET Knowledgebase article SOLN2217
  • Added (as a wild guess):
    • Maintain inactive TCP connections
    • Allow communication for bridged connection

10.Also switched ESET firewall to interactive mode and chose the “Set rule” option each time.

  • This gave added fun and games and generated two blue screen crashes

11. I enabled Test Mode

This setting is accessible from Advanced SetUp, Update, Setup.

Setting test mode “on” had no effect on the problem. Test mode allows ESET software to download the very latest level of ESET software. In my case this resulted in download of the “Personal Firewall Module: 1010 (20090625)”. This update seemed to enable successful access to the Internet for a few hours but then the problem returned.

You can check which release of the Firewall module you are using via the ESET program window. Click on ‘Help’ then ‘About’.

What I did next

I simply switched off the ESET firewall and now use the Vista firewall. The result – everything is now working

This all looks like very bad news for ESET users. I have been a great fan of ESET software. But their forums are full of problems like this.

Some users have found that the problem arose on version 4. But I upgraded to Version 4 to hopefully escape the problem on version 3 – and in fact the same problem arises on both versions.

I was also very surprised that restoring the firewall to default settings did not fix the problem. I can only assume that some registry settings are screwed up and this is unaffected by a rest to default settings.

The future

I hope ESET can fix these problems. But I will certainly be on the lookout for a more reliable firewall. In the end a Microsoft product wins. Is that a first!

21 Responses

Write a Comment»
  1. yup..i have the same problem here. Im from philippines and im also an avid and loyal supporter of eset. I installed eset smart security 4 business edition but then again in these past few days ny internet connection has many problems..it cant load and always ‘request time out’. when i ping it, it will take a long very looooooooooong time to establish a connection but after a few minutes the connections got problem and returend to a bad state – i always “TRY AGAIN” in firefox..

    but when i uninstalled eset, my internet connection is now SO BETTER. i returned to my XP firewall, change to defaults and all is better, oh, its BEST. i then install ESET NOD32 virus scanner only for virus problems. I did not install anymore the FIREWALL feature..which is a feature on their smart security products..

    i think eset has not made their firewall polished.

  2. Russell

    Try running this in the run command on windows:

    netsh winsock reset

    This did the trick. I am now happy and it all works. Moderator, please remove my previous comment. Thanks.

  3. I had Firefox and Thunderbird logon problems. I found switching off Peer Guardian solved all of my problems. This is one of the problems I had that ESET picked up: 05/03/2010 11:14:51 Detected DNS cache poisoning attack 192.168.0.1:53 192.168.0.100:1290 UDP and also 16/03/2010 09:57:49 Packet blocked by active defense (IDS) 192.168.0.100:1275 78.33.33.73:80 TCP . ESET have suggested that I allow them to connect remotely to my machine and they will “investigate and remove the problem”

  4. David

    Installing Vesion 4 over version 3 causes serious problems, unistall and reinstall will fix many problems that occur if you install over an existing version. (ESET should check in the install script and not allow this!)
    ESETs firewall is excellent in V 4, just because it finds high risk behavior risky isn’t a reason to knock it. There is no doubt that better explainations and faqs about certain conflicts should be documented for easy review, but if you configure correctly it is a fantastic product even running on a server where it “should’t be installed” and where it has to deal with very high traffic levels it works great. I love it, and V4 is a big improvement over 3 in my experience.

  5. mieses

    Every version of ESET’s firewall, from v3 to v4, has problems with basic issues such as renewing DHCP IP addresses. ESET seems to be hiding their heads in the sand. The documentation and knowledge base provide no help at all on such issues.

  6. I have to agree on the criticism. I have noticed these issues back in the 3 series and after removing ESET Smart Security,, I decided to try and reinstall (after good 6 months) because I absolutely loved it’s performance in the past..

    My issues are not with internet connection as a whole but are definitely tied to winsock. There is nothing I haven’t done to re-set to clean up,, to modify,, so on,, the issue remains…

    Considering the magnitude of the problem I agree that ESET should be A LOT more proactive about resolving this…

  7. Nice post…Thank you for sharing some good things!!

  8. R Martinez

    Same problem here. Worse yet, uninstalling ESET failed (I got an error message about the uninstaller not being able to reach the ESET Kernel) and made it impossible to use any networking at all.

    It somehow obtained control over the computer’s firewall system and won’t let it go, WIN XP firewall won’t work any more. It reminds me to the extremely difficult process of removing Panda Antivirus some years ago. I had to reinstall ESET then deactivate firewall protection and that worked for some time. But even then, a day it just decided to stop working.

    Really really dissapointed with all this. I can’t connect to anywhere with that computer anymore.

    Resetting the winsocks didn’t work for me. Now I’m formatting and reinstalling from scratch. I’m never using ESET again!

  9. Alex S

    Hey folks,

    Have the same problem here. Going to use Windows 7 firewall again. Eset caused my router to reboot instantly when I tried to enter it through browser.
    After the router rebooted ESET noticed it as danger, blocking every connection to it, forcing it to reboot again. And again. And so on.

    No other software firewall caused this behaviour.
    This is simple DHCP renewing. Their solution was to disable the router dhcp or going deep into menu and entering a rule for the router IP to allow any traffic from and towards it, and to disable IDS for it.

  10. Dave

    I have JUST downloaded ESET smart 4 onto a clean install of XP pro and so far it is working perfect. By doing this I am giving ESET the best chance of doing its job, in the event I get any problems I will report back. Please note: I do not have the time to ‘fiddle’ with settings so it is all at ‘default’ level.

  11. Hello.This article was extremely fascinating, particularly since I was looking for thoughts on this issue last Tuesday.

  12. ric a.

    yeah, so frustrated with eset smart security 4 regarding connecting with my router that uninstalled it. tip for those who want to completely uninstall it is to use the provided uninstaller then download the esetuninstaller.exe to remove it entirely in the system.

  13. meek

    oh “netsh winsock reset” this worked for me. thanks

  14. therichardkt

    For those thinking of using the “netsh winsock reset” you MUST run the command prompt in ELEVATED mode, i.e. Run As Administrator before attempting to do so, and then have to restart your computer.
    I tried this and am now currently USING Eset Smart Security Firewall as Enabled, with no connection problems anymore on Google Chrome.
    Amazing, as something so simple, was disrupting my ability to use the internet.
    I thank you Russell, that greatly helped, and I’ll be sure to tell Eset about this fix when they get back to me.

  15. Oh mann, this eset firewall is making me so angry, i can even found info how to totaly unblock my ip, coz this stupid firewall keep it blocking :/

  16. Hello! This is kind of off topic but I need some advice from an established blog.
    Is it very difficult to set up your own blog?

    I’m not very techincal but I can figure things out pretty quick. I’m thinking about creating my own
    but I’m not sure where to begin. Do you have any tips or suggestions? Many thanks

  17. teknobabble

    Hi,

    You’ll need a lot of time and patience. The easiest initial option is to use wordpress.com. You can transfer it later to your own domain.

  18. It is actually a great and useful piece of info.
    I’m glad that you simply shared this useful information with us. Please keep us informed like this. Thank you for sharing.

  19. Greetings! Very helpful advice within this post!
    It’s the little changes that will make the biggest changes. Thanks for sharing!

  20. I’m not sure exactly why but this blog is loading very slow for me.
    Is anyone else having this issue or is it a problem on my end?
    I’ll check back later and see if the problem still exists.

Leave a Comment

Your email is never published nor shared.