• Announcements

    • Andrew Browne

      Support for other products than adaware, ad block and Web Companion

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock


      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/

Sign in to follow this  
Followers 0
Rabh17

Sonicwall Packets and Lavasoft Firewall

5 posts in this topic

We just installed a Sonicwall Firewall device-- and My PC has Lavasoft Firewall personal edition.

The problem begins when the Sonicwall sends what looks like a Mac address Ping to the PC. The Lavasoft Firewall responds in the [b]PACKET LOG[/b] by saying the following:

[b]BLOCKED | 00-11-22-33-44-55-66 -> 00-11-22-33-44-55-66 packet received | No Rule[/b]

The MAC address will be the same on both sides of the arrow-- and the MAC address will be MY PC's address.

This MAC address is set-up in the Sonicwall to assign me an IP address. But the way the Sonicwall works, it must 'ping' my PC and get a response in order for it to allow me access to the Internet. So long as the Lavasoft firewall BLOCKS this packet ping, I can see the LAN, but I can not get out to the WAN.

How do I formulate a rule to allow the Sonic wall to packet-ping my MAC address?

Thanks

Share this post


Link to post
Share on other sites
Here's a link to the users manual:

[url="http://www.lavasoft.com/support/supportcenter/manuals/firewall3_english/personal_firewall_3_manual.pdf"]http://www.lavasoft.com/support/supportcen...ll_3_manual.pdf[/url]

If you don't find an answer there, you should contact Lavasoft Customer Support via the link in my signature.

Share this post


Link to post
Share on other sites
[quote name='visitor' post='119683' date='May 23 2010, 09:56 AM']Here's a link to the users manual:

[url="http://www.lavasoft.com/support/supportcenter/manuals/firewall3_english/personal_firewall_3_manual.pdf"]http://www.lavasoft.com/support/supportcen...ll_3_manual.pdf[/url]

If you don't find an answer there, you should contact Lavasoft Customer Support via the link in my signature.[/quote]

I looked through the manual-- it only tells you how the Firewall protects against ARP packets-- but it doesn't give any idea as to how to formulate a rule to allow it under particular circumstances

Additionally-- When I plug my laptop which has Lavasoft Firewall version 1 installed-- the ARP blocking does not occur and the Sonicwall allows me to go to the internet.

I posted a formal question to the Support Desk and am still waiting for answer. And I am researching ARP while I'm at it.

Share this post


Link to post
Share on other sites
Hi

Could you compare the Firewall settings on the PC and Laptop and see if any of these are different:

Select Settings > Firewall > Network rules then click System-Wide rules then select low-level rules Is Block IGMP the same on both laptop and PC?

Select Settings > Firewall > Network rules then click ICMP settings. Are "Echo Reply", "Echo Request", "Router Solication" settings the same on both laptop and PC?

Share this post


Link to post
Share on other sites
[quote name='Ad Astra' post='119784' date='May 27 2010, 07:48 PM']Hi

Could you compare the Firewall settings on the PC and Laptop and see if any of these are different:

Select Settings > Firewall > Network rules then click System-Wide rules then select low-level rules Is Block IGMP the same on both laptop and PC?

Select Settings > Firewall > Network rules then click ICMP settings. Are "Echo Reply", "Echo Request", "Router Solication" settings the same on both laptop and PC?[/quote]

Thanks for your reply-- and yes, I did reset all the ICMP and IGMP settings and more. I even UNINSTALLED Lavasoft and found the problem remained.

The answer was in the SONICWALL.

Somehow, while setting up the Sonicwall, when my PC was plugged into the main LAN control port of the Sonicwall, the Sonicwall took the MAC address of my PC and substituted it for the Default Hardware MAC Address of the router. It seems the Sonicwall and other enterprise level routers have the capability for the User to select/create a separate MAC address for the device other than the one wired to the hardware.

Thus, when my PC reconnected-- First Lavasoft perceived a MAC scan from the Sonicwall from a Device that had the same MAC address as the PC it was protecting-- Thus the Lavasoft reacted to it as an Attack and closed off the connection.

And on the Sonicwall side, duplicate identical MAC addresses prevented my PC from accessing the Internet/WAN.

The Lesson of the day-- Sonicwall is NOT like the general consumer based Router Firewalls. You will need to go through EVERY control interface one by one and look for any discrepancies, particularly the ones from the Log Files that seem to point AT Lavasoft.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0