Norton Internet Security 2010 Block IP Rule Doesn't Work

DiabloBlack · ‎09-26-2010

I am trying to create a firewall rule in Norton Internet Security 2010 that I just can not seem to get to work. This rule is to block specific IP addresses from accessing my web server. I am running Apache on Windows 7.

This is the setting for the rule (Smart Firewall / Advanced Settings / General Rules):

Click: Add
Action: Block
Connections: to and from
Computers: Specific (an IP that attempts to search for proxy connections, also an IP and Host from my VPN as a test)
Communications: All
Advanced: Check marked Create a Security History log entry and Apply this rule when from NAT traversal.
Description: Custom Block Specific IPs
Clicked: Ok
Moved rule to the top of the list
Clicked Ok times 3
Clicked X to send Norton Internet Security back to thre system tray.

I then tested this rule from another computer already connected to VPN (rule matches this host and IP) but the rule does not work. I am able to connect to my web server with out any problems at all. I checked my Apache log and I see my VPN connection logged as normal. I also see the specific IP address I am trying to block from proxy searching my web server in the logs as well.

Just for the heck of it I went back into the Smart Firewall settings and turned on Block All Network Traffic for a duration of 15 minutes. I am still able to connect to my web server from outside my network without any problems at all. I do notice that the Block All Network Traffic is blocking me from most outbound connections (e.g. can open a web page in my browser) but Apache seems to be working fine. I read that Advanced Settings (General Rules) are applied before Program Control rules are. I even went so far as to create a rule spcifically for Apache to block the IP's I am using from the General Rules and it still does not work.

Any idea what I am doing wrong?

AllenM · ‎12-14-2008

Hi DiabloBlack,

Welcome to the Norton Community. What version of NIS 2010 do you have? You can get this from Help & Support > About. Is your Windows 7 32 or 64 bit?

Is the computer that you are creating the firewall rule on the one that also hosts your Apache server?

It sounds like you have made the correct settings. But also click on the Network Security Map from the main NIS window. When the security map is displayed what trust level is the other computer set to?

You are also entitled to a free upgrade to NIS 2011 if your subscription is current. You can get this from http://updatecenter.norton.com/.

As a precaution you can back up your Identity Safe by following the procedure here. And save your Norton product key which is available in your Norton Account.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)

DiabloBlack · ‎09-26-2010

Hi AllenM,

Thank you for the quick reply.

"What version of NIS 2010 do you have? You can get this from Help & Support > About."

I just upgraded to NIS 2011 (18.1.0.37) and rebooted.

"Is your Windows 7 32 or 64 bit?"

I am running Windows 7 64 bit.

"Is the computer that you are creating the firewall rule on the one that also hosts your Apache server?"

Yes

"When the security map is displayed what trust level is the other computer set to?"

The other computer does not show in the Network Security Map as I am not connecting to VPN through my home ISP.

I noticed my custom rule was gone after I upgraded to NIS 2011 so I readded it but it still does not work.

The rule is very strick as it is "supposed" to be blocking All ports and connections types in both directions for the specified IP / Host. I am not sure at this point what I may be doing wrong. If there was a way to export the rule and share it here I would.

Confused

AllenM · ‎12-14-2008

Hi DiabloBlack,

Thanks very much for the update. Please click on History from the main NIS window and then select Firewall Activities from the drop down list. Do you see anything being logged for inbound connections when you reproduce this problem?

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)

DiabloBlack · ‎09-26-2010

Hi AllenM,

Not sure what I did but I have it working now. I took "all" rules out for General and Programs and started fresh. Also turned off Auto Program Control and let NIS ask me as programs requested access (specifically Apache). I then put everything back to normal. I added my rule back and it started working, it was also logged like it should be.

Thank you for your assistance and time in helping me with this problem.

AllenM · ‎12-14-2008

Hi DiabloBlack,

You are most welcome, though I don't think I really did anything to solve the problem in this case.

One of the things I was going to suggest trying when it came to that point was doing a firewall reset but it looks like you got it working now so that is good.

Thanks for letting me know how things are going.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)