1. Home
  2. Networking Firewalls
  3. Sygate blocking ipnat.sys / ntoskrnl.exe

Sygate blocking ipnat.sys / ntoskrnl.exe

I just installed Sygate Personal Firewall, and it keeps popping up a box telling me it has blocked ipnat.sys. It also happens for ntoskrnl.exe. I can't figure out why, because I have it set to Normal (ask) security level, and it's never asked me about these programs. In the application list they're both listed as "allow". None of these blocks show up in the logs - in fact, I keep seeing allowed traffic for both these programs, but the alert boxes keep popping up every few minutes. Everything seems to work, but I'd really like to know what's going on.

The only thing weird about my setup is that I'm using ICS in a bit of a complicated way - I have a virtual machine running (coLinux) and a Loopback and Tap interface bridged together to look like a second ethernet card (as described in

formatting link
so the "rest of the network" is actually running on the same box through the loopback interface.

Anyone know why these programs, and only these programs, are being automatically blocked?

Joe

Reply to
Joe Mason
Loading thread data ...

On 12 Nov 2004, "Joe Mason" wrote in news: snipped-for-privacy@arch.mshome.net:

I had this very same problem, and it was driving me nuts. I did two things, one or both of which seems to have fixed it. One was that I had renamed my internet connection in Windows. Turns out that the old name didn't carry through to Sygate's list of network interfaces. I had to edit all my advanced rules. The other thing I did was to upgrade to the latest version 5.6 build 2808.

The other problem I had been having was that applications were frequently mis-identified by Sygate, and the wrong things were getting blocked at the most inconvenient times. This, too seems to have stopped.

Reply to
Nil

I did the same thing! That must be it. Argh - how trivial and stupid! I will try renaming it back to "Local Area Connection" and see if that fixes it.

I'm already running that build, since this was my first install.

Thanks for the help!

Joe

Reply to
Joe Mason

On 13 Nov 2004, "Joe Mason" wrote in news: snipped-for-privacy@arch.mshome.net:

Please let me know if this works - then I'll know what the heck I did to fix my own problem!

Reply to
Nil

Well, I'm not entirely sure - I changed the name of my ethernet back to "Local Area Connection", but I couldn't remember the original names of my loopback and tap interfaces (installed with CoLinux). That didn't fix anything, but I thought it might be because not all the interfaces had been reverted.

So I deleted all my interfaces and created them again with the Add Hardware wizard. They showed up with names like "Local Area Connection 2"

- Windows remembered that I'd already had a "Local Area Connection" but then deleted it. This really annoyed me, cause I didn't want them named so sloppily. But that didn't fix the problem anyway.

So I uninstalled and reinstalled Sygate, thinking that maybe it scanned the interfaces on installation and would have problems if the names didn't match exactly. That still didn't fix anything.

So I've given up and just clicked the "Hide Notification Messages" in the Sygate firewall, and I'll hope that the spurious blocks don't hurt anything and that nothing else weird happens.

Joe

Reply to
Joe Mason

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.