Does this site look plain?

This site uses advanced css techniques

Evolution Logo

Every service bureau offering Evolution Remote has had to deal with the dreaded Socket error 11004 from a remote client, and this almost always means that the user's workstations runs a personal firewall that's blocking the outgoing connection.

Table of Contents

The general idea is to grant Evolution.exe the right to make outbound network connections, and this includes the right to make DNS requests. In fact, the 11004 error usually means that DNS ("", etc.) cannot look up this name into an IP address.

Though one can technically get past this error by entering an IP address instead of a DNS name, Evo Remote will immediately have the next step of the actual data connection to the server blocked.

All firewalls offers a way to get around this, though the method differs for each (including having per-version specific instructions). In this Evo Tip we will touch on the methods we've learned over time, and invite users to contribute others they've discovered.

Note that even though many firewalls have version-specific instructions, they are often close related enough that one version's info can help make educated guesses

General Firewall Provisions

Evolution Remote is strictly an application client, and the firewall needs are very modest. Note that we use "Evolution Remote" to mean the whole family of Evolution client programs: Evolution Remote, Evolution Offline Remote, and Evolution Local (the latter used internally by service bureaus).

Evolution Remote requires...

We recommend making a blanket allow of all three 9901..9903 no matter which connection type is chosen (Modem, DSL, T1) because they all serve the same protocol, and it removes on bit of ongoing maintenance to just handle them all.

Note that the outgoing-connection requirement applies to not only the user's personal firewall, but to the corporate firewall as well: some enterprises heavily lock down outgoing connections and must make a rule allowing this SSL-encrypted Evolution traffic.

NOTE - We don't believe that Evolution Remote ever require any inbound firewall exceptions.

Windows XP Service Pack 2 firewall

The Windows XP/SP2 firewall is inbound only, and should never have any effect on Evolution's outgoing traffic - it can be fully enabled with no ill effect.

Norton Internet Security 2006

Norton Internet Security has long been the bane of IT departments, and the personal firewall should probably disabled entirely for corporate users with an enterprise firewall at the border. But for those who must run NIS, these steps will whitelist Evolution:

Now Evolution will be able to make all the outgoing connections required.

McAfee Personal Firewall Plus

When McAfee is blocking Evolution, Evo fails with Socket Error #10022, and this can be fixed by granting full access to EVOLUTION.EXE. These are the steps:

Windows Live OneCare

10013 Error Windows Live OneCare (version unknown, running on Windows XP) blocks outbound traffic by unapproved applications and produces an error as seen to the right.

The main clue is the error # 10013, which we've not seen used before with any other kind of personal firewall.

Fixing this requires adding Evolution to the list of approved applications. To do this:

  1. Double-click on the Live OneCare icon in the system tray (down by the clock)
  2. In this dialog, click on "Change Settings" under "Quick Links", on the left
  3. In this dialog, click the [Advanced Setting] button
  4. Click [Add] near the bottom, then navigate to Evolution.exe, found in either C:\ISystems\Evolution\Client\ or C:\Program Files\Evolution\Client\, and click [OK].
  5. Dismiss these dialog boxes

This should allow Evolution to make outbound connections.

This information is not produced or endorsed by iSystems, LLC.

First published: 2007/06/19
Updated: 2008/12/16