[Last Call] Learn how to a build a cloud-first strategyRegister Now


Software Firewall for VPN Client

Posted on 2004-11-02
Medium Priority
Last Modified: 2010-04-12
I am using the Netgear ProSafe VPN Client software to connect a remote laptop user to a Netgeat FVS328 in the office. All works well.

I was under the impression that it was good practice to run a software firewall on the remote laptop. The laptop sometimes uses a dial-up, sometime a LAN (DSL) connection. I currently using Zone Alarm with Antivirus.

With Zone Alarm enabled, my VPN connection is pretty unreliable (does connect occassionally). I have allowed VPN protocols, placed all relevant addresses in the trusted zone, etc. If I disable ZA, the VPN works well.

The Netgear docs say that all firewall & AV software should be disabled! Very helpful

My Questions:
1. Should I be using a software firewall?
2. If so, which one?
Question by:mikefish
  • 3
  • 3
LVL 18
ID: 12479655
On a laptop, it is even more important to run some type of software firewall and of course, AntiVirus.  If I had to run a VPN client that said I had to disable all AntiVirus and Firewalls, I'd look for another VPN Client.

Zone Alarm, the latest version seems very good, however I've had very good luck with the Norton Internet Security.  If you have Windows SP2, you might experiment with seeing if it gives you a more stable firewall solution with your client than the Zone Alarm.  

Author Comment

ID: 12506589

Strangely, ZA is fine with the Netgear VPN software, but ZA with Anti-virus is not. I have a personal hatred of the Norton user interface, so I keep away from that. The software is on a W2K box, so SP2 firewall not applicable.

I have found that eTrust EZ Armor (firewall & AV) works very well with the Netear software.
LVL 18
ID: 12513004
Some VPN software can be a pain.  I'm sure somewhere in ZA, there is some setting which will allow it to work fine.  Have you asked Netgear Tech Support??  At least there is one solution in case the ZA won't work at all.
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.


Author Comment

ID: 12993079
The answer is to use eTrust Armor (av plus firewall). It looks identical to ZA, but works perfectly with Netgear VPN client. Also, if you download the trial, they will email you after a week or so with an offer to purchase at half price. Not bad!

Expert Comment

ID: 13821291
Are you still happy using eTrust Armor with the Netgear VPN client?  I ask because I have an unreliable connection:  Laptop running XP, Netgear client; across the country, a server running a Netgear FVS318.  Every 10 min or so, the VPN tunnel drops.  Any ideas?  Although your laptop runs W2K, do you any experience with my setup?  Thanks!

Author Comment

ID: 13821640
Yes, it still works well. I also have the FVS318 for my home setup and don't have any connection issues.

Things to try:
- confirm that the internet connection itself at the FVS end is reliable (i.e. does this continually drop)
- same for the internet connection on the laptop end
- latest firmware for FVS and any other routers/modems
- increase the KEY life if it's set low
- MTU settings on both ends can have an effect on performance (not sure about connection dropping though)

What router/modem are you using to connect to the internet each end?
LVL 18

Accepted Solution

Steve McCarthy, MCSE, MCSA, MCP x8, Network+, i-Net+, A+, CIWA, CCNA, FDLE FCIC, HIPAA Security Officer earned 1000 total points
ID: 13822657
I use Watchguard Firewbox X Edge firewalls instead of a router.. I use the provided dsl or cable modem in bridge or pass through mode and let the firewall do the rest.  It has been rock solid with my VPN's and VPN tunnels.

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question