WinRoute Firewall
Conflicting Software
The WinRoute host can be used as a workstation, however it is not recommended as user activity can affect the functionality of the operating system and WinRoute in a negative way.
WinRoute can be run with most of common applications. However, there are certain applications that should not be run at the same host as WinRoute for this could result in collisions.
Collision of low-level drivers
*WinRoute Firewall may collide with applications that use low-level drivers with either identical or similar technology. The following applications are typical:
*Application for Internet connection sharing e.g. Microsoft Internet Connection Sharing, Microsoft Proxy Server, Microsoft Proxy Client, etc.
*Network firewalls i.e. Microsoft ISA Server, CheckPoint Firewall-1, WinProxy (by Ositis), Sygate Office Network and Sygate Home Network, etc.
*Personal firewalls i.e. Kerio Personal Firewall, Internet Connection Firewall (included in Windows XP), Zone Alarm, Sygate Personal Firewall, Norton Personal Firewall, etc.
*Software designed to create virtual private networks (VPN) i.e. software applications developed by the following companies: CheckPoint, Cisco Systems, Nortel, etc. There are many such applications and their features vary from vendor to vendor.
*Under proper circumstances, use of the VPN solution included in WinRoute is recommended (for details see chapter Kerio VPN). Otherwise, we recommend you to test a particular VPN server or VPN client with WinRoute trial version.
Note: VPN implementation included in Windows operating system (based on Microsoft\'s PPTP protocol) is supported by WinRoute.
Port collision
Applications that use the same ports as the firewall cannot be run at the WinRoute host (or the configuration of the ports must be modified). If all services are running, WinRoute uses the following ports:
*53/UDP DNS Forwarder
*67/UDP DHCP server
*1900/UDP SSDP Discovery service
*2869/TCP UPnP Host service
The two recently mentioned services belong to the UPnP support (see chapter Universal Plug-and-Play (UPnP)).
*3128/TCP HTTP proxy server (see chapter Proxy server)
*44333/TCP+UDP traffic between Kerio Administration Console and WinRoute Firewall Engine. This service cannot be stopped.
The following services use corresponding ports by default. Ports for these services can be changed.
*3128/TCP HTTP proxy server (see chapter Proxy server)
*4080/TCP Web administration interface (refer to chapter Web Interface and User Authentication)
*4081/TCP secured (SSL-encrypted) version of the Web administration interface (see chapter Web Interface and User Authentication)
*4090/TCP+UDP proprietary VPN server (for details refer to chapter Kerio VPN)
Antivirus applications
If an antivirus application that scans files on the disc is run on the WinRoute host, the HTTP cache file and the tmp subdirectory (used to scan HTTP and FTP objects) must be excluded from inspection. If the antivirus is run manually, there is no need to exclude these files, however, WinRoute Firewall Engine must be stopped before running the antivirus (this is not always desirable).
Note: If WinRoute uses an antivirus to check objects downloaded via HTTP or FTP protocols, the cache directory can be excluded with no risk files in this directory have already been checked by the antivirus.