VPN Connections do not connect

Hi,

VPN Connections have stopped working to multiple destinations after I installed Avast. I’ve turned off Avast using the terminate and it still will not connect using a VPN. If I uninstall Avast it works fine.

Any ideas? Need Avast on my machine with VPN. This is a demo copy.

Will

Hi, and welcome to the avast forums.

Does it make any difference if you only uninstall the “Network Shield” component of avast?

What VPN software are you using?

Thanks
Vlk

Hi,

Thank you for your welcome to the forums. I have been a user of the product at home for 3 years! I also roll this out to companies and have done 3 ADNM installations in the past 4 months, which have gone great!!

Uninstalled the Network Shield, works fine. Any idea what is wrong with the Winsock LSP? Is it a Winsock LSP that is causing the issue?

Would like it running when we go live internally here with 50 clients.

Will

Forgot to say I’m using the VPN internal to Windows XP SP2.

Will

OK I’ve found what the problem is. It is some form of interaction between how the Network Shield provider proxies and handles connections and how our Fortinet 50A gateway appliance sees the connection. My Fortinet is currently at v3.00 MR1 and I am checking the notes on MR2 to see what has been fixed.

I found this out by using a machine using a public IP address outside our gateway then moving it internally to find it didn’t work anymore.

Has anything like this been reported before?

Will

Can I presume it is best practice not to install the Network Shield within a network that has a gateway that already detects attack definitions?

Any chance you could let me know what ALWIL would recommend for their product?

Will

Hi again Will, and sorry for the slight delay.

Frankly, I found this quite strange. I mean, Network Shield is not really a proxy, it’s a simple TDI filter sitting (locally) at the TCP stack and filtering out malicious packets (technically, it’s like an IDS). I don’t see a way how this could interact with the Fortinet appliance (located at the perimeter). It is actually very unlikely that Network Shield would be dropping any packets vital for the VPN communication (you would see evidence of this in the “last 10 attacks” field, for example).

On the other hand, I cannot really recommend to NOT install Network Shield even if a gateway firewall/IDS is present - simply because of potential attacks from inside of the network. This may sound quite rare - but is actually very common.

Imagine a user with a laptop infected by a worm (e.g. “Blaster”). A user connects the laptop to the network, and BANG - all [unpatched] machines on the network instantly get infected (and the appliance at the perimeter sees nothing…)

Thanks
Vlk

Hi Vlk,

Can you get your TDI driver to ignore VPN requests? Look at the following link: after ‘TDI Filter Samples Overview’ it has a list that basically has some interesting points on what can go wrong.

http://www.pcausa.com/tdisamp/default.htm

See what you think,

Will

Willmanley,
Do you have anything particular in mind on the pcausa page that might be causing problems with VPN and the TDI filter driver?

Thanks.
Lukor