Firewall

AVG Firewall confirmation dialog

The AVG Firewall confirmation dialogue is displayed when you need to decide whether you wish to allow or block network communication for certain application. The dialogue is displayed because this application does not have defined rule that would specify an appropriate action. Please note that Firewall is also able to decide automatically for most applications - see FAQ 2497 for details.

The dialogue has the following options:

  • Allow for all - the communication for this application will be allowed for all networks (the whole Internet)
  • Allow for safe - the communication will be allowed only for networks, which are marked as safe (Tools -> Firewall configuration -> profile name -> Defined networks)
  • Block - the communication is blocked, which may restrict the application's functionality, or disable it altogether

Additionally, you can view details or rule can be made based on the selected action through these options:

  • Save my answer as a permanent rule, and do not ask me next time - AVG Firewall saves the selected action for the application into its configuration
  • Show details - displays information about the communication that induced the Firewall dialog
 

Is it possible to use more than one firewall?

Generally it is not recommended to use more than one firewall on an individual computer. The security of the computer is not enhanced if you install more firewalls. It is more probable that some conflicts between these two applications will occur. Therefore we recommend that you use only one firewall on your computer and deactivate all others, thus eliminating the risk of possible conflict and any problems related to this.

 

Does the AVG Firewall scan data for viruses while downloading from the Internet?

No. AVG Firewall only checks if the application/system process is allowed to connect itself to the network. File which is being downloaded is virus-scanned by theOnline Shield component. The downloaded file is virus-scanned by the AVG Resident Shield (executables and documents) when there is an attempt to execute it.

 

What possible actions can be defined for individual communicating applications

It is possible to define the following actions for communicating applications:

  • Allow for all: communication of this application is fully allowed.
  • Allow for safe: communication of this application is allowed to safe networks only.
  • Block: communication of this application is completely blocked.
  • Ask: when you run this application you will be asked if you would like to allow or block its communication.
  • Advanced configuration: it is possible to define which ports and networks allowed/blocked actions apply to.

To access and modify rules please proceed as follows:

  • Open the AVG program.
  • Choose the Firewall settings option from the Tools menu.
  • Select the Profiles -> your default profile (e.g. Standalone computer) -> Applications.
 

VPN server on Windows XP might be blocked by AVG Firewall

Due to error in one of the Microsoft Windows drivers (raspptp.sys), communication with VPN server might be blocked by AVG Firewall.

This situation might occur when you set a VPN server on Windows XP with Service Pack 3 (newer versions Windows Vista and Windows 7 are not affected) where AVG Firewall is also installed. When some other station then tries to contact this VPN server, the connection will be blocked.

Currently, the only solution is to turn the AVG Firewall off or to wait for Microsoft update that will fix this issue.

 

How to deactivate the AVG Firewall?

If there is a problem with the Internet connection or the sending/receiving of e-mails and you suspect the AVG Firewall could be the problem, or there is another reason for deactivating the AVG Firewall, follow these steps:

  • Open the AVG program.
  • Double click on the Firewall component.
  • Choose the Firewall disabled option.
  • Confirm changes by clicking on the Save changes button.

Now the AVG Firewall service is switched off. When you need to re-activate the AVG Firewall, please tick the Firewall enabled option using the steps above.

Please note that when the AVG Firewall is deactivated, your PC is vulnerable to attacks from the Internet. Your anti-virus protection is not affected by disabling the AVG Firewall.

 

Firewall informs you that some data is sent during AVG activity

It is possible that after installation of AVG, your firewall (typically Sygate Personal Firewall, Kerio Personal Firewall, etc.) will inform you that some data has been sent from your computer during the AVG update process or any other AVG action. This usually happens when one application launches another and then the second one connects to the Internet.

If you see any AVG application that is launched from the folder where AVG is installed (Program Files\AVG\AVG9 by default) mentioned in this message, you do not have to be worried about this. You can safely click on the YES button and allow this communication. For a scheduled AVG update we also recommend you to enable the "Remember my answer, and do not ask me again for this application." option.

 

Automatic decisions in AVG Firewall

AVG Firewall is able to automatically decide the best action for application and create rule for it. This way, user is not required to decide by himself. Decision is done through several ways:

  • Database of trusted application - AVG can verify if application is present in internat database of trusted applications. Based on this it can also create advanced rule for its communication.
  • Digital certificate - some applications may be digitally signed. AVG recognizes trusted certificates and can allow such trusted applications automatically.
  • Identity Protection (if available) - based on results from Identity Protection component, AVG can automatically block harmfull applications.

If you want to disable this automatic decisions, follow these steps:

  • Open the AVG program
  • Select Firewall settings from the Tools menu
  • In opened window, select profile you want to change under the Profiles branch
  • On the right side disable the Use Trusted Database for this profile option
  • Save changes by clicking OK

This way, AVG Firewall will not automatically allow or block applications. All unknown applications will be handled according to settings of Other Application Rule (in default settings user will be asked about each unknown application).

 

Firewall is inactive, not working or in error state

Because there are several reasons why AVG Firewall can become inactive, we recommend proceeding as follows to address the most common causes and fix the problem:

 

Run the AVG Firewall configuration wizard:

  1. Open the AVG program.
  2. Double-click the  Firewall component, and then click Regenerate configuration.
  3. Click Yes to confirm the replacement of Firewall settings.

If the issue persists, re-initialize the AVG Firewall component in Windows:

Windows Xp
  1. Open menu Start -> (Settings) -> Control Panel.
  2. Double-click on Network connections.
  3. Right-click on the connection you are using and select Properties.
  4. Under This connection uses the following items un-tick AVG network filter driver.
  5. Click OK to store the changes.
  6. Once more right-click on Local area connections -> select Properties.
  7. Tick the AVG network filter driver and click OK.
  8. Restart your computer.
  9. If the problem persists, please go to the next step.
 
Windows Vista / 7
  1. Open menu Start -> (Settings) -> Control Panel.
  2. Double-click on Network and Internet -> Network and Sharing Center.
  3. Click on Change adapter setting in the left pane.
  4. Right-click on the connection you are using and select Properties.
  5. Under This connection uses the following items un-tick AVG network filter driver.
  6. Click OK to store the changes.
  7. Once more right-click on Local area connections -> select Properties.
  8. Tick the AVG network filter driver and click OK.
  9. Restart your computer.
  10. If the problem persists, please go to the next step.
 
 
 

Firewall is not working after upgrade to Windows 7

Due to the changes that are being done when upgrading from Microsoft Windows Vista to Microsoft Windows 7, AVG Firewall might stop working.

It will then report the "Firewall cannot start because an error occurred in communication with driver" error message.

To rectify this issue please do the following:

  • Open the Windows Control Panel (click Start -> Control Panel)
  • Click on the Network and Internet option and then on Network and Sharing Center (based on the view, you may be able to click on the later option first).
  • Click on the Change adapter settings option on the left side of the dialog.
  • In opened window right-click on Local area connections -> select Properties.
  • Under This connection uses the following items un-tick AVG network filter driver.
  • Click OK to store the changes.
  • Once more right-click on Local are connections -> select Properties.
  • Tick the AVG network filter driver and click OK.
  • Restart your computer.

If AVG Firewall is still not working, please uninstall AVG first and then install it again. See FAQ 3448 for uninstallation and FAQ 3250 for installation steps.

 

Firewall does not function after the Windows Operating System upgrade

The AVG Internet Security with the Firewall component installed does not function after the Windows Operating System upgrade process correctly.

It is caused by Windows NDIS stack design limitation - AVG NDIS driver connection to the stack is corrupted during the upgrade process.

To ensure correct AVG functionality after the Windows Operating System upgrade you have to uninstall AVG before start of the upgrade process, then install it again after the upgrade process is finished successfully.

Please perform these steps:
1) Uninstall the AVG Internet Security product (See FAQ 3448).
2) Perform the Operating System upgrade process.
3) Install the AVG Internet security product (See FAQ 3250).