I access a Small Business Server 2003 VPN from my home
workstation. Even after the installation of XP SP2, this
connection functioned correctly; however, after a lengthy
power outage that dropped my wireless Internet
connection, I can no longer access the SBS server *if the
XP firewall is active.* The connection seems to be
dropped, as the connection status box reads "Establishing
secure connection to [IP ADDRESS] (xx seconds)..." and
eventually times out.

If I disable the XP firewall, the connection connects
immediately. Other software/hardware possibly involved
(but seemingly not, as everythings functions fine without
XP firewall enabled): ZoneAlarm 2.6.88; Norton Antivirus
2003; LAN connection to Linksys EtherFast router, which
in turn connects to a WaveLAN Ethernet Converter, which
connects to my wireless ISP.

Any suggestions, other than disabling the XP firewall?

Gregg wrote:
> I access a Small Business Server 2003 VPN from my home
> workstation. Even after the installation of XP SP2, this
> connection functioned correctly; however, after a lengthy
> power outage that dropped my wireless Internet
> connection, I can no longer access the SBS server *if the
> XP firewall is active.* The connection seems to be
> dropped, as the connection status box reads "Establishing
> secure connection to [IP ADDRESS] (xx seconds)..." and
> eventually times out.
>
> If I disable the XP firewall, the connection connects
> immediately. Other software/hardware possibly involved
> (but seemingly not, as everythings functions fine without
> XP firewall enabled): ZoneAlarm 2.6.88; Norton Antivirus
> 2003; LAN connection to Linksys EtherFast router, which
> in turn connects to a WaveLAN Ethernet Converter, which
> connects to my wireless ISP.
>
> Any suggestions, other than disabling the XP firewall?

The XP firewall doesn't block any outbound ports at all - and since you have
ZA, I'd disable the XP firewall anyway. Is ZA set up to block all inbound
traffic (or at least, block all unneeded ports)?

>The XP firewall doesn't block any outbound ports at all -
and since you have
>ZA, I'd disable the XP firewall anyway. Is ZA set up to
block all inbound
>traffic (or at least, block all unneeded ports)?

Yes. I haven't enabled any inbound ports, and I am quite
comfortable operating without the XP firewall. What
puzzles me is that I keep reading that XP firewall does
not block outbound ports, yet I cannot connect to my VPN
with it enabled. *Something* must be blocking this
traffic, yet it works fine without the XP firewall.

At this point, I'm more interested in learning what is
happening than I am concerned about turning off the
additional XP firewall protection.

wrote:
>> The XP firewall doesn't block any outbound ports at all -
> and since you have
>> ZA, I'd disable the XP firewall anyway. Is ZA set up to block all
>> inbound traffic (or at least, block all unneeded ports)?
>
> Yes. I haven't enabled any inbound ports, and I am quite
> comfortable operating without the XP firewall. What
> puzzles me is that I keep reading that XP firewall does
> not block outbound ports, yet I cannot connect to my VPN
> with it enabled. *Something* must be blocking this
> traffic, yet it works fine without the XP firewall.

In general, VPN operates fine behind firewalls that block all inbound
traffic. All connections are initiated by the client. What VPN client are
you using?
>
> At this point, I'm more interested in learning what is
> happening than I am concerned about turning off the
> additional XP firewall protection.

If it were me, I'd a) not use more than one software firewall anyway and b)
be happy it's fixed.