I connect to my company servers through a VPN tunnel called Wathguard Firebox SSL using Citrix conection software
from my home office. I just installed Zone Alarm and all of the sudden when I have the VPN active I can not connect to the web using my Internet Explorer. I use VRS 6 on my Laptop and Vrs 7 of IE on my desk top so it is not IE. I spoke with our admin person and went to ZA, CITRIX and Watchguards web sites and none of their knowledge bases could help. Below is the comments I got from my Admin and what I tried to do to fix this. Noe of these worked. Any ideas?
From what we were finding yesterday:
<ul>[*]When the firebox software and zone alarm are running and we do nslookup, it tries to contact the correct address for the DNS but appears to be blocked.
For example, even a ping to 22.214.171.124 would not respond.
With the Zone alarm software disabled, the ping or nslookup command would respond.[*]The ip address of the DNS was acquired from the router.
If on wireless router, it would use the default gateway for name resolution (192.168.0.1)
and, if on the local network, it would use the DNS specified by the router on the network (126.96.36.199).
Your DNS IP address may be different depending on your Internet Provider.[/list]
What this all means to me is the blocking is happening on the Zone Alarm side where it detects that a software application other than Windows (Firebox SSL) is attempting to contact an outside site (DNS server in this case) and is blocking it.
According to the Zone Alarm documentation, you can change the levels of the DNS blocking by going to Firewall|main. Go to Custom and turn off the blocking for Outgoing DNS and this should resolve your issue (under Internet Zone Security I believe).
Because Firebox works at the network levels there may not be a way to disable the blocking just for that application although that would be ideal but I suspect Zone Alarm doesn t have a way to do that.
You would have to work with the ZoneAlarm support to get that information.
By turning of Outgoing DNS blocking (port 53) , that should get you going for now.
I don t like these firewalls because 98% of the time they cause more problems then they solve.
It s like having an alarm in your house which goes off every time the doors open but you can t turn it off. :^)
Let me know how that goes.
I spent the last 2 hours trying to get information on why Zone Alarm blocks my access to web pages on Internet Explorer. I tried all of your suggestions and found that it is happening on all three of my machines. I had forgotten that IU had switched over to Zone Alarm on my 2 desk tops last Friday. It appears that this is not an issue with Norton or LinkSys.
Zone alarm does not have anything specific in their forum or knowledge base. Citrix does not either. I finally figured out that you have Watch guard as your VPN box. I can not get into their web site because I do not have your user name and password. I tried their customer support and they do not have this registered so their support people could no help me till you register the box.
Operating System:Windows XP Pro
Product Name:ZoneAlarm Internet Security Suite