Jump to content
Not connected, Your IP: 13.58.200.16
Stampy

Kaspersky Firewall VPN Lock Guide Request.

Recommended Posts

Can someone please post a guide on how to setup a network lock to only allow AirVPN traffic with Kaspersky Total Security Firewall as Network lock will not work with it and I cant use windows firewall.

 

Would be much appreciated!

Share this post


Link to post

You cannot do that automatically.

 

So many people asked this before. I think I will do a guide for this... because it is possible.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

You cannot do that automatically.

 

So many people asked this before. I think I will do a guide for this... because it is possible.

 

If you do I will gladly throw you a Donation for your time. Would be much appreciated since I have over 6 Devices

Share this post


Link to post

You cannot do that automatically.

 

So many people asked this before. I think I will do a guide for this... because it is possible.

Also on my other topic the same except is for Norton securty and backup firewall................Cheers.......Thanks.....

Share this post


Link to post

Kind of stuck with the same problem, only with ESET

 

Kind of annoying tbh.  A lot of these programs make it impossible to manage the windows firewall

Share this post


Link to post

So, I'm kind of stuck configuring Kaspersky's network filter.

  • Disabled all default rules. Set up global DENY rule. Everything offline.
  • Reactivated the all network activity to/from trustworthy and local subnets ALLOW rule. Intranet works again.
  • ALLOW all outgoing UDP network activity to Air's IPs. OpenVPN could connect again using IP addresses, besides that no activity.
  • ALLOW all incoming UDP network activity from possible internal IPs. Didn't change things. But I noticed I can use direct IPs to connect to websites but not DNS. Even with default rule ALLOW/DENY DNS over TCP and UDP based on other rules DNS started working (I saw it because my Firefox addon Flagfox showed a flag - without DNS there'd be a warning sign). Still no connection to websites.
  • Turned on logging for DENY all rule to see what exactly is blocked. Noticed outgoing ICMP messages are getting blocked. Unfortunately, it doesn't show exactly what kind of ICMP messages are blocked here.. maybe someone can enlighten me what these may be.
  • Next day, other approach. No global DENY rule but a deny all network traffic on public networks rule. The internet is an extra network for Kaspersky which is a public network by default, so enabling this setting also blocked all internet traffic. Made TAP a local network, still no connection to the internet. I noticed in the TAP settings that the current internal IP will be added to the list of additional subnets for a network, so I hoped I could solve it by making TAP a local network. NNNNNOPE.

I'm stuck. I need some help with the ICMP thing. Maybe someone who knows how to configure network filters can do the same thing with their own Kaspersky copy and see where my thinking is wrong.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
Guest

ICMP is needed for your devices to communicate with your router and also to get the server data in eddie client if you need it.

If you can do it you must enable icmp from your network (192.168.0.0-192.168.255.255, assuming that is what you have or else check) to your network (192.168.0.0-192.168.255.255) and also allow icmp to all air servers if you want stats to work.

Share this post


Link to post

Forward a port on airvpn, disable UPnP and NAT-PMP.  Don't forward the port on your router.

 

What are you referring to?

 

ICMP is needed for your devices to communicate with your router and also to get the server data in eddie client if you need it.

If you can do it you must enable icmp from your network (192.168.0.0-192.168.255.255, assuming that is what you have or else check) to your network (192.168.0.0-192.168.255.255) and also allow icmp to all air servers if you want stats to work.

 

ICMP messages to the web servers I tried to connect were being blocked, so it's not that.

Also, there's no setting for allowing/blocking all kind of ICMP messages, you have to choose exactly. For example, Echo Request/Reply, Timestamp Request/Reply,.. also, I can set three different codes - 0, 1 and 2, and this is a closed book for me. I have no clue what these would do. I could do it with trial and error, but I fear I'd need more than one rule, and this might take quite a long time..


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Hi, any progress? I'm just trying AirVPN for three days, but i'm experiencing the same issues of yours.

(DoS.generic.SynFlood blocked, troubles with Kaspersky Firewall).

As far as I can see, AirVPN.exe is a trusted application since two weeks, so it's just a matter of tweaking the software,
These are suggestions from Kasperski's Forum, but they actually donn't work: http://forum.kaspersky.com/index.php?showtopic=279745&hl=vpn+DoS.generic.SynFlood

Any new ideas?

Thanks

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...