In defense of Jarmo P’s position on Sygate: If the webshield is set in Sygate to allow all traffic and the browser is set to “ask” than wouldn’t that be a good thing?
Sites that use only http 80 TCP work even with a browser ‘Blocked’ in Sygate. Cause of the loopback issue with webshield and browser with SPF.
That is if the browser is configured for WebShield, either by XP/2000 transparent proxy or with a manual proxy that is necessary for win98.
Use ‘Ask’ or ‘Allow’ for browsers. Some other ports are also in many sites used for browser traffic.
I have WebShield ‘Ask’ permission in Sygate.
Well, if that is the case than the following firewalls do the same thing because I have experimented with them all since my return to Avast recently:
Sygate (both free and pro)
Outpost (free)
Kerio (full install)
I hate to keep throwing the firewall issue on the fire (no pun intended) but it seems to be the most important issue with Avast right now and I’m trying to understand it.
Perhaps we need a fluid but locked sticky thread showing the best way to currently set up all the popular firewalls if webshield is enabled.
I read about Kerio 4, it has the so called “default setting” that does not ask any, but sure with Kerio you can make a rule to get asked. Would imagine the same with Outpost.
As far as I know Sygate is the only PF that doesn’t.
BUT, I have a manual proxy setting only for Mozilla Firefox, my trusted browser, so it does not really matter to me much if I dont get asked. I do get asked for IE and all the other programs I have tested.
You could also do a leaktest, SPF should pass it even with WebShield running:
http://grc.com/lt/leaktest.htm
Culpeper,
This method works for me using Sygate Pro only. You do not need to set any proxy settings in FF or IE, so make sure you clear them. Secondly Clear any advanced rules in sygate.
Disable the following windows service
DNS Client
and Untick “Enable smart DNS” in sygate options
Blocking FF/IE will now work. Also setting to ask will work. And if rules dont exist for webshield and FF/IE you will be prompted by sygate to allow/deny them.
Okay, thanks for the suggestions. BTW, Sygate does pass the leaktest.