Internet access blocked by ESET Firewall – Solution?

June 26, 2009

We’ve had terrible difficulties with the ESET firewall.

The Technical environment

  • PC is Lenovo ThinkPad with Vista SP2
  • Router is Netgear DG834N
  • Versions of ESET – both Version 3 and Version 4

The Problem

The initial symptom was that internet access was either blocked or very intermittent. 

On further checking it seemed that the PC could not get IP address from DHCP on router. This also meant that local network access was blocked.

A partial solution was to hardcode the IP address and this gave local access but still no reliable internet access.

After lots of trial and error we isolated the problem to the ESET firewall. We absolutely knew this was the cause as simply suspending the firewall always resulted in reliable internet access.

What we tried 

Here’s list of all the things we tried that did not work:

1. Reset Netgear Router to Factory Settings and reboot the PC

2. Reset ESET Personal Firewall to initial settings

  • I was confident this would fix the problem but it did not.
  • If you are interested an entry in the ESET Knowledgebase says how you can do this. It involves deletion of these files after rebooting into Safe Mode:
    • - epfwdata.bin
    • - EpfwTemp.dat
    • - EpfwUser.dat

3. Delete history and cache

  • Seemed then ok for 45 minutes or so but then problem returned

4. Switch router off for 30 minutes

  • This supposedly resets link at the local Telephone Exchange)

5. Change to OpenDNS settings in router (in place of letting router get info from ISP). This involved using these DNS addresses: 

  • 208.67.222.222
  • 208.67.220.220
  • This had a bad result – no connections at all! Even if these settings made for PC and Router

6. Removed IP V6 from protocols

  

7. Changed all network properties to match a similar (working) PC

  

8. Enabled LMHosts LookUp

  

9. Changed ESET Configuration Settings

  • Deselected
    • ARP Poisoning attack detection
    • DNS Poisoning attack detection
    • Both as suggested in ESET Knowledgebase article SOLN2217
  • Added (as a wild guess):
    • Maintain inactive TCP connections
    • Allow communication for bridged connection

10.Also switched ESET firewall to interactive mode and chose the “Set rule” option each time.

  • This gave added fun and games and generated two blue screen crashes

11. I enabled Test Mode

This setting is accessible from Advanced SetUp, Update, Setup.

Setting test mode “on” had no effect on the problem. Test mode allows ESET software to download the very latest level of ESET software. In my case this resulted in download of the “Personal Firewall Module: 1010 (20090625)”. This update seemed to enable successful access to the Internet for a few hours but then the problem returned.

You can check which release of the Firewall module you are using via the ESET program window. Click on ‘Help’ then ‘About’.

What I did next

I simply switched off the ESET firewall and now use the Vista firewall. The result – everything is now working

This all looks like very bad news for ESET users. I have been a great fan of ESET software. But their forums are full of problems like this.

Some users have found that the problem arose on version 4. But I upgraded to Version 4 to hopefully escape the problem on version 3 – and in fact the same problem arises on both versions.

I was also very surprised that restoring the firewall to default settings did not fix the problem. I can only assume that some registry settings are screwed up and this is unaffected by a rest to default settings.

The future

I hope ESET can fix these problems. But I will certainly be on the lookout for a more reliable firewall. In the end a Microsoft product wins. Is that a first!

By teknobabble | Posted in Firewall | Tagged , | Comments (13)