Configure your software firewall

From Second Life Wiki
Revision as of 08:32, 7 September 2011 by Jeremy Linden (talk | contribs)
Jump to navigation Jump to search

Introduction

Firewalls and internet security software have caused problems with Second Life for many Residents. It's important to realize that these programs are designed to block network traffic! As a result, if you have a firewall set up, and you're having network issues with Second Life, you should spend a few minutes configuring your firewall setup, even if nothing has changed.

Hardware firewalls, such as routers, are typically configured to block data coming from specific network "ports" (except commonly used ones like web pages and instant messengers); this includes most network ports Second Life uses.

Internet Security software also blocks network traffic; however, these programs can cause a great deal of trouble if not configured correctly. The most popular versions of internet security software contain additional features (Internet Worm Protection on Norton Personal Firewall/Norton Internet Security, Intrusion Detection Service for McAfee Personal Firewall, and SmartDefense on ZoneAlarm) that analyze internet programs and their network traffic. Based on an undetermined set of factors, including the patterns of network data, the internet security program may decide to block even a trusted program. These programs may also block a trusted program if its executable changes (which happens every time a new version of the Second Life software is released). Depending on how this internet security software is configured, it may continue to list Second Life as a "trusted program" while blocking it due to these features.

If your login to Second Life fails at "Verifying Protocol Version", or cannot find the server, or if you disconnect from Second Life automatically every few minutes, a firewall is often the cause.

How you configure your home network and secure your computers is, of course, your own decision. However, Linden Lab cannot provide support for configurations where a firewall or internet security software is interfering with Second Life's network access. These setups need to be configured properly for Second Life.

In addition, it may be helpful to know we use the Amazon S3 service for downloads of the Second Life viewer. Read more in this blog post by Jeff Linden to understand what that means.

Configuring your software firewall

Software firewalls should list Second Life as a "trusted" program. We highly recommend turning on any notification for blocked network activity. You should frequently monitor your software firewall settings, as some versions change their own settings in an attempt to provide tighter security.

You need to consult the documentation for your software, or go to the manufacturer's website for details on how to configure your internet security software. Linden Lab cannot provide support for third-party software.

Don't forget the built-in Windows Firewall; certain system updates may cause the Windows Firewall to re-enable itself. You can find the Windows Firewall in the Control Panel, under Security Center.

Norton Internet Security / Norton Firewall

  1. Start Norton Internet Security or Norton Personal Firewall.
  2. In the main program window, click Personal Firewall.
  3. Click Configure. The Personal Firewall configuration dialog box appears.
  4. On the Programs tab, the Manual Program Control list contains a list of programs.
  5. Click on the rule(s) for Second Life.
  6. Click Remove.
  7. Click OK to confirm the removal.
  8. Click Add and manually navigate to C:Program FilesSecondLifeSecondlife.exe

Something else that might prove helpful: Turn off Internet Worm Protection.

Link to Symantec for Norton product configuration

McAfee Personal Firewall

  1. Open the Personal Firewall and navigate to Internet Applications.
  2. Click on any listing(s) for Second Life and choose Delete Application Rule on the lower right.
  3. Click on New Allowed Application underneath the program list, and navigate to C:Program FilesSecondLifeSecondlife.exe

Additional helpful settings:

  • Turn off Smart Recommendations.
  • Turn on Show Red and Green Alerts, or Show All Alerts.
  • Set the Security Level to Standard or lower.

ZoneAlarm

  1. In the Programs panel, remove any entry for Second Life.
  2. Scroll down to the white area at the bottom of the programs list. Right-click and highlight Add Program.
  3. Browse to C:Program FilesSecondLifeSecondlife.exe and click Open.

Additional helpful settings:

  • Set Security for the Internet zone to Medium or lower.
  • Open the specific ports Second Life uses (see above) under Firewall > Main > Internet Zone Custom Settings.
  • Many ZoneAlarm products include an AntiSpyware tool that detects some programs as a Remote Access Tool. These programs are quarantined by default. To set Second Life as a trusted program:
    1. Go to AntiSpyware advanced settings and set it to not automatically treat infections.
    2. Run the AntiSpyware scan.
    3. Locate Second Life.
    4. Choose Always Ignore.
    5. You may then set AntiSpyware back to automatically treat.

More information about configuring your network for Second Life

Configuring your firewall describes how to configure a hardware firewall, such as a router. It also describes which ports and server IP addresses Second Life uses in order to connect and run properly.