Firewalls on Home networks (XP / 2K)

Topic

New Reply

I am (presently) running a network with one pc on XP and one on 2K…

They are NOT seeing each other. WyllyWylly had suggested the my firewall could be the disruption.

Does this mean that I cannot run a firewall on a home network? That would certinly be a blow…

Regards,
Chuck Billow

Chuck Billow

Reply | Quote

Replies

Chuck

You must run a firewall on a home network!! The question is: how? (And the other question is: are you referring to a hardware firewall?)

I would disconnect everything from the outside world, then try to get the two PCs to talk to each other. Once you’ve done that, you can introduce the firewall, ensure that it’s working without an internet connection (if you can do this), then connect to the internet. Simplify until “it” works, then add complexity, keeping it still working!

The technical details will depend on what firewall it is, how you’re connecting the PCs, and so on and so forth…

John

Reply | Quote

John:

That’s a proper plan…

My firewall (to date) is ZoneAlarm. In the MN700 (Microsoft) network, there is (supposed to be) a firewall. Hardware? But I found several breaches, so I reverted back to ZA.

I’ve heard many disparaging remarks about same, but my luck (exclusive of support) has top rate.

Chuck

Chuck Billow

Reply | Quote

Chuck,
This stuff may be too basic but then again it may be worthwhile: Steve Winograd’s Networking FAQ.

Joe

--Joe

Reply | Quote

Joe:

Thanks. I’ll add it to my must-reads before proceeding. Every bit of info here will help, ’cause I have still to identify the problem…

Regards,
Chuck

Chuck Billow

Reply | Quote

Chuck,
If the MS hardware has a firewall built in, I’d suggest that you run both the hardware and software (ZA) firewalls. These days a multi-layer defense is better. It may complicate setting things up to begin with but you’ll be much safer in the long run.

Joe

--Joe

Reply | Quote

Joe:

That’s the plan… along with a second atempt at an NTFS conversion… ought to be an interesting evening…

Thanks to you and Mark both…

You’ll hear from me soon…

Chuck

Chuck Billow

Reply | Quote

Joe:

That’s the plan… along with a second atempt at an NTFS conversion… ought to be an interesting evening…

Thanks to you and Mark both…

You’ll hear from me soon…

Chuck

Chuck Billow

Reply | Quote

Chuck,
If the MS hardware has a firewall built in, I’d suggest that you run both the hardware and software (ZA) firewalls. These days a multi-layer defense is better. It may complicate setting things up to begin with but you’ll be much safer in the long run.

Joe

--Joe

Reply | Quote

Joe:

Thanks. I’ll add it to my must-reads before proceeding. Every bit of info here will help, ’cause I have still to identify the problem…

Regards,
Chuck

Chuck Billow

Reply | Quote

Chuck,
This stuff may be too basic but then again it may be worthwhile: Steve Winograd’s Networking FAQ.

Joe

--Joe

Reply | Quote

John:

That’s a proper plan…

My firewall (to date) is ZoneAlarm. In the MN700 (Microsoft) network, there is (supposed to be) a firewall. Hardware? But I found several breaches, so I reverted back to ZA.

I’ve heard many disparaging remarks about same, but my luck (exclusive of support) has top rate.

Chuck

Chuck Billow

Reply | Quote

I cannot speak to how ZoneAlarm is configured for internal networks – I make no secret of the fact that I detest the product – but most firewalls will block nearly all network traffic by default, or at the very least close/stealth the ports that are required for network communication. Using the Sygate firewall that I swear by, there is a setting to allow browsing of shared network resources, and I suspect that ZoneAlarm has a similar feature. This is where I’ve been tripped up before with ZA: even enabling local network addresses did not allow them; I had to remove ZA in order to get access to network resources.

My suggestion would be to disable ZA temporarily and see if you have normal network access. You might even go so far as to remove it since the ZA driver still loads and can interfere with communications (as my experience has proved).

You can also open a command prompt (Start – Run – CMD) and try to ping the computer you are trying to connect to. Ping using the computer name to see if it resolves to an IP address – if it times out, then it’s likely a security setting in the firewall or elsewhere. If you get any other messages, post them here so we can figure it out.

Hope that helps…

Reply | Quote

Mark:

No use taking it slowly… I’m in the process of transferring files over to NTFS… and the ZA isn’t installed yet…

I thought of what you said, and tried the sharing… to no avail.

I can see it on my machine (now an NTFS 2k machine) but not on the other at all…

??

Regards,
Chuck

With high hope for the future, no prediction is ventured.
— Abraham Lincoln

Chuck Billow

Reply | Quote

I’m trying to get a clear picture of how you have everything set up on your network. I think we can safely say that ZoneAlarm is not responsible since it is not installed yet. But you have two computers – all I know for certain at this point is:

PC #1           PC #2
-----           -----
Win2000         ??
NTFS            ??
No firewall     ??
User account    User account
 for PC #2?      for PC #1?

Reply | Quote

Mark:

PC1 (Base Station)
Windows XP Pro
NTFS
No Firewalls
User Account – CWBillow

PC2 (Wireless)
Win2K Pro
NTFS (Hooray?)
No Firewalls
User Account – CWBillow

PC2 can see its own sharable resources, but no others
PC1 can see none.

Regards,
Chuck Billow

With high hope for the future, no prediction is ventured.
— Abraham Lincoln

Chuck Billow

Reply | Quote

Does PC1 have any thing shared?

Can you see the computers from each other?

DaveA I am so far behind, I think I am First
Genealogy....confusing the dead and annoying the living

Reply | Quote

Dave:

Sorry for the delay… I lost PC2 in the meantime… power supply I hope… I’ll know on Monday…

But yes, I set up a shared folder on each of thje pc’s..

In 2K you don’t have to install it to “share”, as you can stipulate later… Do you have to INSTALL XP for sharing? That may be what it could be(?)

Chuck

Chuck Billow

Reply | Quote

You don’t actually ‘install’ Windows for sharing-any version. IIRC sharing is installed automatically but disabled by default with both 2K & XP. (Actually, I believe the ‘administrative’ shares are enabled by default with 2K-but you can’t see them from a remote PC anyway so the only difference it makes is in security.)

It’s not supposed to work this way as I understand it, but I have had a couple of instances where I couldn’t see a shared resource on the remote PC until I enabled sharing on the PC I was working on. Now, if I intend to network a PC I always share at least one resource on it even when I don’t intend to use that share.

Reply | Quote

You don’t actually ‘install’ Windows for sharing-any version. IIRC sharing is installed automatically but disabled by default with both 2K & XP. (Actually, I believe the ‘administrative’ shares are enabled by default with 2K-but you can’t see them from a remote PC anyway so the only difference it makes is in security.)

It’s not supposed to work this way as I understand it, but I have had a couple of instances where I couldn’t see a shared resource on the remote PC until I enabled sharing on the PC I was working on. Now, if I intend to network a PC I always share at least one resource on it even when I don’t intend to use that share.

Reply | Quote

Dave:

Sorry for the delay… I lost PC2 in the meantime… power supply I hope… I’ll know on Monday…

But yes, I set up a shared folder on each of thje pc’s..

In 2K you don’t have to install it to “share”, as you can stipulate later… Do you have to INSTALL XP for sharing? That may be what it could be(?)

Chuck

Chuck Billow

Reply | Quote

Does PC1 have any thing shared?

Can you see the computers from each other?

DaveA I am so far behind, I think I am First
Genealogy....confusing the dead and annoying the living

Reply | Quote

Mark:

PC1 (Base Station)
Windows XP Pro
NTFS
No Firewalls
User Account – CWBillow

PC2 (Wireless)
Win2K Pro
NTFS (Hooray?)
No Firewalls
User Account – CWBillow

PC2 can see its own sharable resources, but no others
PC1 can see none.

Regards,
Chuck Billow

With high hope for the future, no prediction is ventured.
— Abraham Lincoln

Chuck Billow

Reply | Quote

I’m trying to get a clear picture of how you have everything set up on your network. I think we can safely say that ZoneAlarm is not responsible since it is not installed yet. But you have two computers – all I know for certain at this point is:

PC #1           PC #2
-----           -----
Win2000         ??
NTFS            ??
No firewall     ??
User account    User account
 for PC #2?      for PC #1?

Reply | Quote

Mark:

No use taking it slowly… I’m in the process of transferring files over to NTFS… and the ZA isn’t installed yet…

I thought of what you said, and tried the sharing… to no avail.

I can see it on my machine (now an NTFS 2k machine) but not on the other at all…

??

Regards,
Chuck

With high hope for the future, no prediction is ventured.
— Abraham Lincoln

Chuck Billow

Reply | Quote

I cannot speak to how ZoneAlarm is configured for internal networks – I make no secret of the fact that I detest the product – but most firewalls will block nearly all network traffic by default, or at the very least close/stealth the ports that are required for network communication. Using the Sygate firewall that I swear by, there is a setting to allow browsing of shared network resources, and I suspect that ZoneAlarm has a similar feature. This is where I’ve been tripped up before with ZA: even enabling local network addresses did not allow them; I had to remove ZA in order to get access to network resources.

My suggestion would be to disable ZA temporarily and see if you have normal network access. You might even go so far as to remove it since the ZA driver still loads and can interfere with communications (as my experience has proved).

You can also open a command prompt (Start – Run – CMD) and try to ping the computer you are trying to connect to. Ping using the computer name to see if it resolves to an IP address – if it times out, then it’s likely a security setting in the firewall or elsewhere. If you get any other messages, post them here so we can figure it out.

Hope that helps…

Reply | Quote