XP tips::
close your Internet connection or restart your computer after pausing a download up, local area network, PPPoE, or VPN connection you want to share.
http://www.kraffe.org/it/tipxp.htmHOME |
After installing Check Point VPN I could not get any connection to the internet with Outpost 1 or 2.1 active. Everything worked before the VPN installation and everything works if Outpost is stopped and exited.
I've been running Outpost 1.0 under Win98 for a long time and tried Outpost 2.1 when I could not get any programs to talk to the internet after installing the VPN. I also tried reinstalling 1.0. Both 1.0 and 2.1 give similar results--no internet connection.
User Guide::
After the installation completes, you will receive a Internet Explorer and your VPN client software are special cases. Although you can add either
http://www4.sprint.com/pcsbusiness/downloads/Sprint_SmartView_fordows_UserGuide_v.1.16.pdfHOME |
Some searching on this forum identified settings to get the VPN to communicate through Outpost, but I cant get anything including the VPN to connect.
Any suggestions on how to get the internet connection working again?
I may have acted too quickly. "Z" other firewall I'm trying is eating high on the CPU, consuming nearly 14% of my antique 300mhz processor, this was the reason I initially moved away from that product a few years ago. Outpost is much lighter consuming only about 6% of the cpu.
I seem to have encountered the "Learning Bug" noted in another post due to the firewall's manipulation of the bindings. Is there a work around for this? I'm on a cable connection that changes the IP lease about every three or four days. Release Notes for VPN Client for Mac OS X, Release 4.9 [Cisco VPN ::
VPN Client cTCP Connection Fails If Checkpoint Client Is Installed. Open Caveats Yes No Answer Yes to this question. The installation then continues normally.
http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_clilease/notes/49client.htmlHOME |
checkpoint vpn Resources | TechRepublic::
Checkpoint firewall not allowing cisco pix vpn connection company had me use Checkpoint SSL Internet Extender VPN through the web browser
http://search.techrepublic.com.com/search/checkpoint+vpn.htmlHOME |
Thank you Paranoid200 for responding.
The VPN is set to use "IKE over TCP" and "Force UDP encapsulation". I have a cable connection which was optimized at install to MTU=1500 Window = 256590.
However, the VPN install and subsequent loss of the software firewall is already way beyond my current time constraints, my need to know the inner workings of internet security and to understand the deeper levels of Outpost. I setup a clone of my system in another partition, installed the VPN and have been testing alternate software firewall solutions. While I prefer Outpost's approach to security, it's GUI and it's ease of use, I did find an alternate solution that with only a minor tweak works for me, with my system being "stealth" on the test facilities and the VPN able to communicate.
I feel Outpost is a great product and has an excellent user forum, but for now, reluctantly I must move on.
Arn
The Learning Mode bug affects Outpost 1.0 only - the best workaround is to run in Block Most mode rather than Rules Wizard.
Well I'm back using Outpost 2.1 and it's working. I don't know what's going on but at this point I'm just accepting that it's OK.
ZAP suddenly ended my 15 day trail 12 days early then constantly crashed the system. Uninstalling it in safe mode was also not a joy but it eventually removed itself. I installed Outpost 2.1 to what I thought would be another no connection experience, but everything just started working, including the VPN connection. :hop:
Arn
Arnb,
This depends on exactly which protocol your VPN software uses. If it uses PPTP (Point-to-Point Tunneling Protocol) then you will need a global rule to allow this (and this should be reported in your Blocked logs).
If it uses IPSec then you need to allow AH (Authenticating Header) and ESP (Encapsulating Security Payload) protocols. In addition you may need to disable the Attack Detection plugin - this is because it discards fragmented packets but the IKE (Internet Key Exchange) stage of IPsec uses large packets (needing fragmentation) for X.509 certificates.
More details on this can be found in the Where do all IP fragments go? (http://outpostfirewall.com/forum/showthread.php?t=6920) thread. If disabling Attack Detection works but you wish to be able to keep using it, then check the Max MTU, fragmented ICMP packets (http://outpostfirewall.com/forum/showthread.php?t=9314) thread for suggested modifications to the protect.lst file to allow this.
 Earnings Reports a Tonic for Ailing 'Net Stocks
 NatWest and InterTrust Form Global Alliance To Provide E-Commerce On the Internet
|
