Results 1 to 8 of 8

Thread: ZA Preventing browsing using Firefox

  1. #1
    ghostdraco Guest

    Default ZA Preventing browsing using Firefox

    I have seen this problem mentioned a couple of time on the forum but the solution seems to be a work around.

    The problem I am having is that after a period of time ZA just strats blocking DNS access for the browser. When the machines (I have tried this on all my PC's) first start up everything is OK. The machines have full web access. However after being left for a period of time the browser is all of a sudden not able to access DNS.

    To regain access the machine has to be rebooted. I have tried shuting down ZA and restarting it and the browsers in various orders, but until the machine is rebooted ZA keeps blocking DNS. If ZA is turned off everything works OK. But as soon as it is restarted the problem comes back.

    I have read on a couple of posts that say to put the DNS server address into the trusted zone, but this seems like a work around to the problem. I would be interested to find out why this problem occurs in the first place. I consider that opening up any address on the net to the trusted zone is a no no.


    Is there any suggestions from the ZA crew reagrding this ?

    Operating System:Windows XP Pro
    Product Name:ZoneAlarm (Free)
    Software Version:

  2. #2
    billc Guest

    Default Re: ZA Preventing browsing using Firefox

    You should put both your DNS & DHCP server IP's in the Trusted zone; this is not a work-around but the proper settings. The reason is that those servers use a protocol known as UDP which by default is block by Zone Alarm when on 'High' security. So add those IP's and it should fix your problem. In case you don't know, here's how.

    Finding DNS and DCHP servers, etc

    1. Go to Run type in command , hit 'ok', and type ipconfig /all then press enter. In the returned data list will be a line DNS and DHCP Servers with the IP address(s) listed out to the side.
    2. In ZA on your machine on the Firewall>Zones tab click Add and then select IP Address. Make sure the Zone is set to Trusted.
    3. Click OK and then Apply and see if that works to fix it..

  3. #3
    ghostdraco Guest

    Default Re: ZA Preventing browsing using Firefox

    Yep thx for the heads up.

    However,
    can you explain why the system works fine for a certain amount of time and then starts to block the DNS UDP packets.
    This seems like a bug to me. There is also no record in the log of the packets being blocked.

  4. #4
    billc Guest

    Default Re: ZA Preventing browsing using Firefox

    Rather than blocking DNS packets, what I believe is happening is that your DHCP server is being blocked and thus your IP is not renewed which means you'll lose internet access. Then when you try to go to a site, you've connection has been dropped meaning there is no access to your DNS server. Make sense?

  5. #5
    sd_reed Guest

    Default Re: ZA Preventing browsing using Firefox

    I was having this exact same problem and it was driving me crazy. The connection was good for awhile and then it just dies. Your solution fixed my problem as well; thank you very much.

  6. #6
    ghostdraco Guest

    Default Re: ZA Preventing browsing using Firefox

    Yep I understand that.

    The only point that would contradict that would be that I have a static IP. So there should be no changing of my IP if the connection is lost.

  7. #7
    davieh Guest

    Default Re: ZA Preventing browsing using Firefox

    <blockquote><hr>BillCherryAtl wrote:
    Rather than blocking DNS packets, what I believe is happening is that your DHCP server is being blocked and thus your IP is not renewed which means you'll lose internet access. Then when you try to go to a site, you've connection has been dropped meaning there is no access to your DNS server. Make sense?
    <hr></blockquote>


    Then, does it make more sense to allow outgoing DHCP/DNS for the Internet Zone &quot;High&quot; setting, because a direct internet connection would imply that these server IPs (WAN) can change and you then have to change their IP address in ZAlarm. As I'm behind a router, all my DNS/DHCP/Gateway is fixed in the (LAN) Trusted Zone.

  8. #8
    davieh Guest

    Default Re: ZA Preventing browsing using Firefox

    <blockquote><hr>DavieH wrote:
    <blockquote><hr>Then, does it make more sense to allow outgoing DHCP/DNS for the Internet Zone &quot;High&quot; setting, because a direct internet connection would imply that these server IPs (WAN) can change and you then have to change their IP address in ZAlarm. As I'm behind a router, all my DNS/DHCP/Gateway is fixed in the (LAN) Trusted Zone.
    <hr></blockquote>


    What I'm seeing is that the problem is fixed by the time you restart the computer (or IPConfig /renew the Connection?), but you still have to change the DNS/DHCP IP address in ZA!?. If this doesn't make sense, please excuse my newness to ZA or not understanding the problem.</blockquote>

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •