Extra networks (VM, VPN & ?wireless) not detected & silently allowed [V6][M189]

Still present in 2937.

Best wishes

Mike

Thank you for checking this.

The tracker has been updated.

Just wanted to reconfirm that this bug still exists on 6.3.302093.2976. In my case:

I have a new Win7 Pro laptop where I turned off Windows firewall and installed CIS 6.3.302093.2976. I setup my home network 192.xxxx/255.255.255.0 as Public (not home or work). Then, I connect via VPN to another network 10.xxx and get no notification or no new network zone (I am using Cisco AnyConnect VPN client).

Firewall is in Custom Ruleset mode. Enable detection of private networks is checked.

Network Zones just show Loopback (127.xxx) and Public #1 network (for 192.xxxx).

Manage Networks only shows local (192.xxxx) network (as connected) and does not show VPN network (10.xxxx), even though I am clearly on VPN network, only able to connect to the sites and devices on that network and not to general Internet sites. Command Prompt shows both networks. Windows’s Control Panel → Networks shows both networks connected.

I sometimes still get firewall asking me if I want to allow a program to connect to internet, including when I connect to one of the 10.xxx addresses. And when I look at Firewall Events log, I see that all “Out” events originate from 10.xxxx IP address while I am connected to VPN network.

So far, issue happens every time, 100% of the time.

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?: Very reliably - happens ALL the time.
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened:
    a: Start VPN client, connect to VPN network.
    b: Connection just happens (after I allow VPN client to connect) but no new network zone is setup and no new network discovery dialog appears.
  • If not obvious, what U expected to happen: Expected Network notification dialog to show up, ability to choose its setup, new Network Zone to be added, etc.
  • If a software compatibility problem have U tried the conflict FAQ?: N/A
  • Any software except CIS/OS involved? If so - name, & exact version: For VPN connectivity, I am using Cisco AnyConnect Secure Mobility Client 3.1.03103
  • Any other information, eg your guess at the cause, how U tried to fix it etc: N/A
    [/ol]

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: CIS 6.3.302093.2976, Firewall in Custom Rules mode, HIPS/BB enabled, Under Firewall settings following are checked:
Enable Firewall (Custom Ruleset)
Enable detection of private networks is checked,
Enable Trustconnect alerts
Turn trafic animation effects on
Set onscreen timeout (600 seconds)
all Advanced section options

  • Filter IPv6 Traffic
  • Filter loopback traffic
  • Block fragmented IP traffic
  • Do Protocol Analysis
  • Enable Anti-ARP spoofing
  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV:
    Firewall is enable at Custom Ruleset
    HIPS is enabled at Safe mode
    BB is enabled (autosandbox at Untrusted level)
    AV NOT installed
  • Have U made any other changes to the default config? (egs here.): Yes, listed above. Plus:
    I turned OFF (UNchecked) option to Trust applications by Trusted Vendors.
  • Have U updated (without uninstall) from a CIS 5?: No, never used CIS in the past. This was my first install of CIS ever.
    [li]if so, have U tried a a clean reinstall - if not please do?: N/A
    [/li]- Have U imported a config from a previous version of CIS: N/A
    [li]if so, have U tried a standard config - if not please do:
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used: Windows 7 Professional 64 bit, SP1, UAC is at default mode (Notify when programs try to make change to my computer), No VM used.
  • Other security/s’box software a) currently installed b) installed since OS: Avira Antivir Antivirus
    [/ol]

Can you please check and see if this is fixed with the newest version (7.0.313494.4115)? Please respond to this topic letting us know whether it is fixed or if you are still experiencing the problem.

Thank you.

PM sent.

This is still happening in 7.0 4115. But it is regarded as too difficult to fix in view of the potential benefits by devs. Best Wishes, Mike

Okay. In that case I will move this report to Resolved. Let me know if something changes and I should move it back.

Thanks.