Re: Fucking useless kerio firewall

From: Duane Arnold (notme_at_notme.com)
Date: 11/17/03


Date: Mon, 17 Nov 2003 04:08:44 GMT

John <john@john.com> wrote in news:d6fgrvsiqmhfq7uoj91956o53fe894bnf6@4ax.com:

> OK, using the 4.0.7 personal firewall. Symantec just pisses me off,
> TPF just is too much of a pain in the ass since it never tells me when
> something is trying to get out, so I have to wait to see everything
> that fails (such as proprietary VPN *** from various clients). Zone
> Alarm never ceased to drive me nuts.
>
> So I decided to give Kerio Personal Firewall a try. So I have a VPN
> tunnel working to my work network (granted, even with all the rules,
> the only way to actually get the VPN tunnel established is to disable
> Kerio - then once I ping an internal IP on my remote network to bring
> up the VPN tunnel, I can re-enable Kerio again and all works fine,
> ping, etc... But it'll NEVER start without killing the firewall
> first). So I get the connectivity to my work network going (I have
> trusted networks set up with both the internal IP of my work network
> as well as the external IPs of my network) and I fire up MS Outlook to
> connect to my Exchange server. Now, with Symantec Firewall, if I had
> the 172.16.x.x range in my "trusted", as well as my external range, I
> never had an issue. But with fucking Kerio, even having both the
> internal and the external ranges set up (so that first, the VPN tunnel
> can connect to my external address of my firewall at work and the
> internal addresses will work for exchange) it still fails. Like I
> said, I can't even ping (though ping is allowed out anywhere) until I
> kill the firewall to establish the VPN. Then the VPN comes up, and I
> can re-establish the firewall and the VPN stays up (so evidently I
> have the right rules there, otherwise it would fail again once I
> restart the firewall). Fucking Exchange gives me about 12 or 15
> fucking prompts for everything from the firewall to allow or deny even
> though the IP it's getting at is on a fucking TRUSTED NETWORK.
>
> I'm so fucking fed up with all these piece of *** little personal
> firewall pseudo programs. I'm so accustomed to actual VPN appliances
> (even a piece of *** sonicwall is better than this ***) that I just
> don't have the patience anymore for these fucking software abortions
> that these people call programs.... Anyone have anything that works
> the way it *should* (i.e. I say x.x.x.x to x.x.x.x is trusted, it
> won't fucking ASK me a dozen times for something going to that allowed
> range)?
>
> Thanks from a fed up end user.
>
> J
>
>
>

Well,

All I can say is with connecting with my home network from my company
work machine at work when I was able to do it, all I told BlackIce was
company.link1 and company.link2 and BlackIce figured out the IP(s).

I can also give the IP range in the rules like
192.168.1.100-192.168.1.200. Port ranges like 50-100 TCP or UDP and BI
works with VPN connections.

Kerio cannot be all that bad. :)

Duane :)