Thread: Map drives between 2 XP SP2 machines...
View Single Post
  #13  
Old September 8th 05, 02:39 AM
Doug Knox MS-MVP
external usenet poster
  
Posts: n/a
Default
CheckPoint's VPN software has a Stateful Packet Inspection firewall, I =
believe, that is on, even when the VPN connection is not established. =
Check the Help files for how to turn the SPI firewall off.

--=20
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart =
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
=20
" wrote in =
message ...
Well, I verifed that I have an ICMP exception for PING/echo and have =
port 445=20
open on both machies (with the scope of the exception being my =
network, i.e.=20
subnet) - But I still am not able to get an comminucation b/w the =
machines.=20
=20
Firewall on/off - now a correction to one of my eariler posts. =
When=20
logged into the local machine (i.e. not the domain) for both machines: =
On=20
Machine A, on the Firewall's General tab, The "Off..." radio button is =

selected, but both the "On..." and "Off..." buttons are disabled =
(greyed=20
out). The message at the bottom states that "Windows Firewall is using =
your=20
domain settings". On machine B, on the Firewall's General tab, the =
"Off..."=20
radio button is selected and enabled. The message at the bottom of the =
screen=20
states that "Windows Firewall is using your NON-domain settings". I'm =
not=20
sure of this discrepancy is causing an issue.
=20
What other reasons would there be that I can't get these two machines =
to=20
talk - given they could communicate before I installed XP SP2?
=20
Ok, one other possible issue - I just realized that I also installed=20
Checkpoint Software technologies' VPN-1 SecureClient software on both=20
machines. It looks like it has settings for security profiles but I =
don't see=20
a way to set exceptions... could this be the culprit? If so, any ideas =
on how=20
to deal with it (other than disabling it...)
=20
Thanks for your help thus far!
=20
Charles
=20
"Doug Knox MS-MVP" wrote:
=20
You should be able to do it by IP address, or by machine name. If =
port 445 is opened, then you shouldn't have any problem. Since you're =
behind a router, have you tried turning XP's firewall off? If that =
works, then its definitely a firewall issue.
=20
--=20
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart =
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
=20
" wrote =
in message ...
So, it appears that I have an exception for ping/echo and port 445 =
open - but=20
I'm still not able to map (or ping) from one PC to the other...=20
=20
Any other suggestions?
=20
BTW, say for instance, that my IP addresses are 192.168.0.100 and =
.....101 on=20
the two machines respectively... I should be able to map drives =
from one=20
machine to the other using the router assigned IPs (that's how I =
used todo it=20
before I upgraded to XP SP2...)
=20
I'm stumped!
=20
"Doug Knox MS-MVP" wrote:
=20
ICMP Echo is the same as a Ping. Port 445 should be the port that =
ping's come in on.
=20
--=20
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart =
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
=20
" =
wrote in message =
...
Oops, I see that in your message now...
=20
Ok, on both PC's I've got the option "Allow incoming echo =
request" checked=20
but nothing else. I don't see anything about "Ping".
Is there some port that I need to enable (and how)?
=20
"Doug Knox MS-MVP" wrote:
=20
ICMP packet exceptions are on the Advanced tab, ICMP section, =
not the Exceptions tab.
=20
--=20
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart =
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
=20
" =
wrote in message =
...
Thanls for the quick reply!
=20
On the "Windows Firewall" dialog's general tab, both the on =
and off radio=20
buttons are greyed out - and there's a message at the bottom =
stating that the=20
"Windows Firewall is using your domain settings"... (I'm =
logged in on the=20
domain account - the firewall has this same setting when I =
login to the local=20
machine)
=20
Regardless, under the exceptions tab, I have no program or =
service named=20
like "ICMP Ping/echo packets" - how do I add this exception =
to the list=20
(clicking add programs reveals no program like "*ICMP*")? =
Further, how will I=20
know whick port(s) to open up without creating a security =
risk for myself?
=20
"Doug Knox MS-MVP" wrote:
=20
Is the Windows firewall enabled? If so, check the firewall =
exceptions to ensure that ICMP Ping/echo packets are allowed. This =
setting and other ICMP settings are found on the Advanced tab, ICMP, =
Settings.
=20
--=20
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart =
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
=20
" =
wrote in message =
...
I am having trouble getting a connection (ping, with =
eventual desire to map a=20
drive) between two machines on XP SP2 - before upgrading =
to XP SP2 I did not=20
have this problem.=20
=20
Here's my set up...
Two laptops with XP SP2, connected via a router. When =
logging into the=20
"local machine" on both laptops, neither machine can PING =
the other. Same=20
story when I login to both machines on the same domain... =
what gives.=20
=20
I know the IP addresses of both machines, subnet mask and =
such - but I can't=20
reach one machine from the other... I need help - can =
someone throw me a bone?
Ads