How do I change firewall settings modified by VPN server?
(This actually happened while I was running Lion, but seems to be the same problem under Mountain Lion)
I installed Check Point Software Technologies Ltd. Endpoint Security VPN for Mac E75 VPN client on my iMac to access my employer's network. It worked, but after I logged onto my employer's network, I lost contact to both my Time Capsule and Airport Express (Airport Utility stops "seeing" them, even though I am still connected over wi-fi to the internet through the airport router in the Time Capsule), and iTunes stopped "seeing" my iPad and iPhone.
I looked on Check Point's support pages and saw this "Known Limitation":
Issue ID: 00885275
After Endpoint Security VPN is installed and a client is connected to the gateway, automatic sync with Time Capsule and iPhone Wi-Fi sync might not work correctly.
This can happen because of a restrictive Desktop Policy.
To resolve this issue, allow these services in the "Inbound rules" of the Desktop Policy:
SSDP: UDP, port 1900.
mDns: UDP, port 5353.
Further research in the Endpoint Security VPN for Mac E75 Administration Guide told me this about "Desktop Policy":
The Desktop Firewall
Endpoint Security VPN enforces a Desktop Security Policy on remote clients. You define the Desktop Security Policy in a Rule Base. Rules can be assigned to specific user groups, to customize a policy for different needs.
Important - Before you begin to create a Desktop Security Policy, you must enable the Policy Server feature on the gateway.
Endpoint Security VPN downloads the first policy from the gateway. It looks for and downloads new policies every time it connects or on re-authentication.
When Endpoint Security VPN makes a VPN connection, it connects to the gateway and downloads its policy. Endpoint Security VPN enforces the policy: accepts, encrypts, or drops connections, depending on their source, destination, and service.
So (I think) what happened is when I logged on to my employer's network, it re-configured my firewall to limit my network connections resulting in the above-described problems.
Logging out did not change anything. Uninstalling the VPN client did not change anything. It looks like the changes "enforced" by the VPN client are persistent, and can only be changed "manually."
I doubt I will be able to prevail upon my employer to change its desktop policy. So I'm ready to bail on using the VPN client, but how do I reverse the changes my employer's "desktop policy" made?
The System Preferences Firewall options seem kind of high level. I would note that iTunes looks like it is open to all connections.
Thoughts? HELP.
It is not something I have played with.. but I would turn off the Mac's firewall and see if that fixed the problem.. the firewall of the Mac is helping your security.. but the main security is actually the NAT router in the TC. It is extremely difficult to break NAT routing.. It is effectively a firewall itself. So turning off the firewall in the Mac is not a biggie. The reason I want you to do that even if just for a few minutes.. and perhaps turn it off and reboot the computer to make sure the rules have stopped being applied.. is to see if the firewall is actually the culprit.
What I am reading from what you have posted is the vpn client itself is the software blocking connections. And I doubt a third party software would change rules to the internal firewall.. but i am guessing.
Once you have tested it.. if the firewall off fixes it.. then you will need to hunt around.. perhaps in a TM backup for the actual file that is altered that contains the rules.. I have not looked.. and don't use firewall on the end client anyway as I have a firewall rated router.
If the firewall off does not fix the problem.. which is what I suspect. Did you use the uninstall software correctly and did it give any error messages??
Go to the activity monitor and check all the running processes.. anything there that is named after the vpn.. try to quit. See if you can stop the process.. If the issue is major.. and the process won't quit see if the Checkpoint support can help or google their knowledge base for info on how to get back to normal operations.
Similar Messages
-
How do I change firewall settings?
I have been having trouble for months logging into a website that I had zero problems with under my last provider (and am having no problems accessing using my laptop's Wi-Fi). I've checked out just about every other possiblie cause and a friend thought it might be the firewall settings on my router (I have FIOS and the MI424WR Rev. F) and suggested I take a look at the settings and see what happens if I set them lower.
Said friend, didn't however, tell me how to do that. How do I get to the firewall settings in order to do an experiment and see if it's the firewall that's causing my headaches? I'm getting desperate.Or how about a Bogon filter due to his current IP address now that he is on Verizon? The OP doesn't provide any info on messages he may be getting, so this is just a guess.
Justin
FiOS TV, 25/25 Internet, and Digital Voice user
QIP7232, QIP7100-P2, IMG 1.9
Keller, TX 76248 -
How do I change the settings for the DNS server on...
I am connected to the network but I can't access the internet unless I change the DNS servers, I can see the IP address, gateway and DNS settings but there doesn't seem to be anyway to edit them. Please help! I don't want to have to return the phone.
Vpedrosa wrote:
I am connected to the network but I can't access the internet unless I change the DNS servers, I can see the IP address, gateway and DNS settings but there doesn't seem to be anyway to edit them.
You can't as here:http://answers.microsoft.com/en-us/winphone/forum/wp7-wptips/how-to-set-manual-ip-dns-in-nokia-lumia...
Happy to have helped forum with a Support Ratio = 42.5 -
How can I change the settings in the Health App from Imperial to metric - eg to metres and kilos ?
How can I change the settings in the Health App from Imperial to metric - eg to metres and kilos ?
We may have to wait for an update. Aside from changing the country, I'm not sucre this can be done. There is no Health App in the System preferences and no way to modify from within the app. Weird.
If you go to Language & Region under general settings and choose any other country, you will get Metric. I have the opposite problem. I live in a Metric country and want my health app to be in lbs and inches which is what I am used to. -
How can I change the settings wit mail so that when I delete my Verizon email from my iPhone it will also delete from my iPad too.... Seems like I shouldn't have to delete my email in three places...iPhone ..iPad ...and desktop
Don't know which email host you are using, but if this is a POP account, you can't do it. If IMAP, then deleting one email should delete it on all other devices.
-
My mother used to be the bill payer on my iTunes account so now every time I send an email from my iCloud account it sent with her name, how can I change the settings so emails are sent from myself?
I've changed the bill payer to myself but it stills says on emails that I sent that its from my mother.In order for the "From" field to show you options on the "from" addresses available, you must set them up in the Preferences > Accounts first.
I can't show you a screen shot of the from field because I currently only have one account, so the from address used is the default. However, when I had more than one, then options will show up in your compose/reply window.
You'd need to add an account here: -
I had my iphone 4s synced to itunes on my work laptop. The IT group at work stripped out that installation and will not allow me to reinstall. My iphone insists it has to sync to my work laptop itunes. How do I change iphone settings to look at an itunes installation on my personal laptop?
dcotejr wrote:
I had my iphone 4s synced to itunes on my work laptop. ... How do I change iphone settings to look at an itunes installation on my personal laptop?
You cannot.
By Design the iPhone can Only Sync to One iTunes Library at a time. -
When I send a message in a group with non-iPhone users it appears as "New Multimedia Message." One of my friends in the group also has an iPhone and his doesn't appear this way, how do I change my settings so it appears as a normal text message and not an mms?
iOS: Troubleshooting Messages - Apple Support
Send a group message with your iPhone, iPad, or iPod touch - Apple Support
Send messages with your iPhone, iPad, or iPod touch - Apple Support -
When I click on a hyperlink it automatically opens it up in a PDF or Adobe Acrobat. How do I change my settings so that when I click on a link it opens it up in a new web page like it is supposed to?
Install this Add-on: https://addons.mozilla.org/en-US/firefox/addon/open-link-in-new-tab/
-
When I open a new website, the page does not open, instead it places a tab in the bottom task bar? How can I change the settings so as when I open a new website the page is automatically displayed on my desktop. Thank You!
Tools > Options > Tabs - is the last preference there check-marked??
-
Preview failed because Adobe Muse could not make a connection over HTTP. The most common cause of this is Firewall software which prevents HTTP connections. You may need to change Firewall settings to allow Adobe Muse to make connections.
no firewall at all, in win 8.1, turned it off for all networks
ftp and publish works just fineHi,
Please take a look at this post : Re: Adobe Muse - Preview Failed
Regards,
Aish -
I have recently moved all of my files to a larger external hard drive, but when I am reminder of an itunes upgrade it's still attempting to go to the old drive. How can I change the settings so it automatically goes to my new hard drive?
lisacooney wrote:
I have recently moved all of my files to a larger external hard drive
How did you move these files? -
How do I change the settings on my ipod so that it plays continuous music. Right now, it plays the same song over and over, even if I select the shuffle icon. It used to show the continuous play icon, it doesn't anymore.
Right click on a movie(in iTunes), and click "get info" then go to album artwork and add the artwork that you want...
-Messymeese -
I recently switched over from Apple to Sony and I would like to know how I can change my settings so that all my iCloud emails are forwarded to my Gmail account?
Log in on iCloud.com and go to Mail. In Mail, at the bottom left you should see a gear icon. Click on it, go to Settings (or Preferences, I'm doing this from memory), and in there you'll find an option to forward your iCloud email to another service.
-
How do I change default settings in the author field when I edit or insert a comment in a PDF?
How do I change default settings in the author field when I edit or insert a comment in a PDF?
Generally it gets this info from the Identity in the preferences. Unfortunately, I know of no way to change the Login Name that shows up in the comments. I need to look at newer versions of Acrobat on other machines, this is AA8.
Maybe you are looking for
-
How to use standard program RSCP_CONVERT_FILE?
Hi experts, I got a requirement to convert the file format from non_unicode to unicode. For that I am using the standard program RSCP_CONVERT_FILE. Its working fine for Local PC. But am getting problem while reading file on Application server. In sel
-
Hi, cftransaction is working perfectly when all the insert updates are called by cfqquery. But when there is a mysql stored procedure call with in cftrnsaction and that mysql stored procedure is having many inserts and updates, cftransaction is not a
-
Problem scrolling using property nodes
What Im trying to do is a "fake scroll bar" using numeric controls and the VI Property FP Origin for the same vi where the numeric controls are. The problem is that when the vi is running and I use the scroll bar the controls also move and is a mess.
-
Quizzes - More than 1 question per screen
Hi There, I am new to capptivate this week and am wanting to know if anyone knows how to place more than one quiz question on a single screen? Many thanks in advance Ali
-
Illustrator CS4 will not install
Win 7 64 bit, Photoshop CS4 installed. Try to install Illustrator CS4 and runs into a problem updating Photoshop and stops the install.