Hi all:

Interesting situation I'm facing. I have 8 devices on my network that access the internet; however this issue applies to only 1 of them, a Vista-based laptop. Whenever I cease all activity on this laptop (no typing or moving the mouse) for about 10 minutes or longer, then I'm denied the ability to access the internet altogether, regardless the application, for about 30 seconds to 3 minutes. Here are the specific details:

- All web-browsing is denied by the firewall; this is true via IE, FF, and Chrome.

- The ability to open a new internet stream via WMP, VLC Media Player, JLC Internet TV, etc is denied

- The firewall, according to the logs, will recognise the attempts to access the internet, however, the firewall views all of those attempts as a portscan and logs it as a portscan and naturally denies the request, during the 30 seconds - 3 minute window; after which, the access requests are granted again, and are logged as regular access requests and not as portscans.

- During the period of in which I am not using the laptop (not moving the mouse or typing), all logged in sites/applications will continue to remain logged in and all streams will continue; Gmail will still receive new emails/IMs during the inactivity, Skype will receive new IMs/calls, all music/tv streams will continue playing during the time in which I'm not typing or moving the mouse. However, once I move the mouse or start typing in a window, after about 10 minutes, then I lose all browser-based logins (Gmail disconnects, Skype disconnects, Meebo will disconnect, etc) however all music/tv streams will continue to stream. If I attempt to open a new browser and surf, I'm not permitted to any site that is NOT on my local LAN and I cannot start a new stream of any sort. But again, all existing streams will continue.

- During the 30 second to 3 minute window, I have full access to all sites ON the LAN, I can ping anything ON the LAN, visit any http site on the LAN (printer config page, for instance), access another local system via RDP, etc, however I cannot visit the WebAdmin page for Astaro from this one computer.

- Releasing and Renewing the IP DOES work properly, however, I'm still denied the ability to access the internet if it's still within the 30 second to 3 minute window. Astaro is my DHCP and DNS server. Again, all attempts to access the internet are viewed as portscans, even after an IP renewal.

- I setup the laptop with a static IP that differs from the one assigned by Astaro; I tried a static IP that was both within the DHCP scope and outside of the DHCP scope, but the problem continues.

None of the other nodes (printers, servers, workstations, etc) experience this issue, only this one system.

I have Astaro Security Gateway V7 Firmware 7.500.

Any help would be greatly appreciated!
Eneg

Same here with windows 7.
I had to make my internal network an exception in Network Security - Intrusion Prevention - Exceptions, skipping anti-portscan

Thanks Moto for the info! This has been driving me crazy...I just made the change; I'll do some testing and reply back to let you know if it works for me as well.

Moto - While it's only been today that I've been testing, I've not had the problem since I made that change so that's a great sign. Thanks again!