If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Both computers are WinXPSP2 on a wired D-Link DI 604 router & cable modem.
On computer #1, using ZoneAlarm 5.5 (free)it seems fine to be able to share files etc. However, computer #2 which is using the WinXPSP2 Firewall they will not share files expect for the printer. I do not know where in WinXpSP2 Firewall to put required info so #2 can share with #1. If ZA is shutdown it shares files. Turned on, ZA blocks #2 from reading my files. I put in #2s Address/Sites & Trusted. I'm not familiar with WinXPSP2 Advance Service Settings and where I find the Ports numbers to connect #2 to find #1 computer? Do I need TCP or UDF? Internal or External or both? ZA Alert "Protected" Showed me it blocked me from #2s IP & (TCP Port 1086)[TCP Flags: S] More Info was even more confusing. So, now I'm totally lost and the wife can't share files with me! So you know how serious that is!! Thanks for the help folks! |
Ads |
#2
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
On Fri, 19 Nov 2004 12:19:01 -0800, Rip999
wrote: Both computers are WinXPSP2 on a wired D-Link DI 604 router & cable modem. On computer #1, using ZoneAlarm 5.5 (free)it seems fine to be able to share files etc. However, computer #2 which is using the WinXPSP2 Firewall they will not share files expect for the printer. I do not know where in WinXpSP2 Firewall to put required info so #2 can share with #1. If ZA is shutdown it shares files. Turned on, ZA blocks #2 from reading my files. I put in #2s Address/Sites & Trusted. I'm not familiar with WinXPSP2 Advance Service Settings and where I find the Ports numbers to connect #2 to find #1 computer? Do I need TCP or UDF? Internal or External or both? ZA Alert "Protected" Showed me it blocked me from #2s IP & (TCP Port 1086)[TCP Flags: S] More Info was even more confusing. So, now I'm totally lost and the wife can't share files with me! So you know how serious that is!! Thanks for the help folks! For Windows Firewall, just enable the File and Printer Sharing exception ("Exceptions" tab), and edit the exception to make sure it's Scope is set to subnet. -- Cheers, Chuck Paranoia comes from experience - and is not necessarily a bad thing. |
#3
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
First off, you are already behind a router, which acts has a firewall
(probably better then Zone Alarm. 1. I would uninstall Zone Alarm -- Now you have to enable File and Print sharing (int he XP Firewall) 1. Go to Start--Control Panel -- Network Connections -- Select your network connection. 2. Click on the 'Properties' button. Click on the Advanced Tab. Look around here, make sure File and Printer sharing is enabled (as an Exception). If by chance you keep on getting a log on prompt, which forces you to use Guest as a username.... Paste the below text in a file, save the file with an extention of .reg. Now just double click on the file, and merge it. [Copy Below] Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\Lsa] "forceguest"=dword:00000000 [End Copy] "Rip999" wrote: Both computers are WinXPSP2 on a wired D-Link DI 604 router & cable modem. On computer #1, using ZoneAlarm 5.5 (free)it seems fine to be able to share files etc. However, computer #2 which is using the WinXPSP2 Firewall they will not share files expect for the printer. I do not know where in WinXpSP2 Firewall to put required info so #2 can share with #1. If ZA is shutdown it shares files. Turned on, ZA blocks #2 from reading my files. I put in #2s Address/Sites & Trusted. I'm not familiar with WinXPSP2 Advance Service Settings and where I find the Ports numbers to connect #2 to find #1 computer? Do I need TCP or UDF? Internal or External or both? ZA Alert "Protected" Showed me it blocked me from #2s IP & (TCP Port 1086)[TCP Flags: S] More Info was even more confusing. So, now I'm totally lost and the wife can't share files with me! So you know how serious that is!! Thanks for the help folks! |
#4
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Dan wrote:
First off, you are already behind a router, which acts has a firewall (probably better then Zone Alarm. 1. I would uninstall Zone Alarm Arrrrgh. The router acts as a firewall for inbound traffic, but it does nothing to stop outbound traffic (from trojans and other malware that you accidentally download) -- that's a big advantage of ZoneAlarm and the like. There is nothing wrong with running ZoneAlarm behind a router. I run it on each of my PCs, and I use a router to get to the 'net. -- Cheers, Bob |
#5
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
I strongly agree with you Bob! I don't believe I'm the only person inn my
similar situation. I hope someone will be able to help me resolve the problemm I have. "Bob Willard" wrote: Dan wrote: First off, you are already behind a router, which acts has a firewall (probably better then Zone Alarm. 1. I would uninstall Zone Alarm Arrrrgh. The router acts as a firewall for inbound traffic, but it does nothing to stop outbound traffic (from trojans and other malware that you accidentally download) -- that's a big advantage of ZoneAlarm and the like. There is nothing wrong with running ZoneAlarm behind a router. I run it on each of my PCs, and I use a router to get to the 'net. -- Cheers, Bob |
#6
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Rip999 wrote:
I strongly agree with you Bob! I don't believe I'm the only person inn my similar situation. I hope someone will be able to help me resolve the problemm I have. "Bob Willard" wrote: Dan wrote: First off, you are already behind a router, which acts has a firewall (probably better then Zone Alarm. 1. I would uninstall Zone Alarm Arrrrgh. The router acts as a firewall for inbound traffic, but it does nothing to stop outbound traffic (from trojans and other malware that you accidentally download) -- that's a big advantage of ZoneAlarm and the like. There is nothing wrong with running ZoneAlarm behind a router. I run it on each of my PCs, and I use a router to get to the 'net. -- Cheers, Bob For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob |
#7
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
"Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. |
#8
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Interrogative wrote:
"Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob |
#9
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Oh-Oh, I think I'm getting lost, but..... Sounds like the easy way out would
either both use ZA or the Win Firewall. Our 2 computers have specific IP's and I set hers (#2) as Trusted and mine says Internet, Is that correct? I can view her files okay. She can't get to mine even though my ZA setting says she's Trusted. The ZA Alerts & Logs show me similar info: Sometime the Rating is High sometime Medium even though both are set at medium. Type is always Firewall, Protocol says either TCP (flags:s) or occasionally UDP. No Program shown. Source shows her (#2) IP:xxx or xxxx (a : & different #) Destination is my IP, and again a colon usually followed by, but not always a 139 or 137. Direction is Incoming and Action Taken is Blocked. AND is shows Destination DNS is ME #1. In her WinXP Firewall I put in my IP but it asked for External or internal TCP or UDP info. So, I though with the correct setting that would solve the problem. But, as I said earlier I'm lost and getting more & more confused trying to follow the posts. "Bob Willard" wrote: Interrogative wrote: "Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob |
#10
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Rip999 wrote:
Oh-Oh, I think I'm getting lost, but..... Sounds like the easy way out would either both use ZA or the Win Firewall. Our 2 computers have specific IP's and I set hers (#2) as Trusted and mine says Internet, Is that correct? I can view her files okay. She can't get to mine even though my ZA setting says she's Trusted. The ZA Alerts & Logs show me similar info: Sometime the Rating is High sometime Medium even though both are set at medium. Type is always Firewall, Protocol says either TCP (flags:s) or occasionally UDP. No Program shown. Source shows her (#2) IP:xxx or xxxx (a : & different #) Destination is my IP, and again a colon usually followed by, but not always a 139 or 137. Direction is Incoming and Action Taken is Blocked. AND is shows Destination DNS is ME #1. In her WinXP Firewall I put in my IP but it asked for External or internal TCP or UDP info. So, I though with the correct setting that would solve the problem. But, as I said earlier I'm lost and getting more & more confused trying to follow the posts. "Bob Willard" wrote: Interrogative wrote: "Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob OK, back to basics -- Since your PCs are behind a NAT router, turn off ICF (the Windows Firewall) forever. Install/enable ZoneAlarm on both PCs. On each PC, invoke ZA's Control Panel, click on Firewall, then on Zones, then Add an IP Range (to the Trusted Zone) of 192.168.1.0-192.168.1.255, then click on Apply -- that will place both PCs and the router in the Trusted Zone of each PC. {I'm assuming that each PC is set as a DHCP client and that the router uses the common 192.168.1.1 IPA, and is the DHCP server, and uses the standard DHCP range of 192.168.1.whatever; if you want static IPAs, then disable DHCP on the PCs and give them 192.168.1.111 and 192.168.1.112 and give them masks of 255.255.255.0 to get the same effect.} Now that your entire LAN is in the Trusted Zone of each PC, the IPAs will not impede sharing. If I recall correctly, you already had the protocols and network APIs OK, so fixing the firewalls and IPAs should fix your problems. If something else is wrong, let us know. -- Cheers, Bob |
#11
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Rip999 wrote:
Oh-Oh, I think I'm getting lost, but..... Sounds like the easy way out would either both use ZA or the Win Firewall. Our 2 computers have specific IP's and I set hers (#2) as Trusted and mine says Internet, Is that correct? I can view her files okay. She can't get to mine even though my ZA setting says she's Trusted. The ZA Alerts & Logs show me similar info: Sometime the Rating is High sometime Medium even though both are set at medium. Type is always Firewall, Protocol says either TCP (flags:s) or occasionally UDP. No Program shown. Source shows her (#2) IP:xxx or xxxx (a : & different #) Destination is my IP, and again a colon usually followed by, but not always a 139 or 137. Direction is Incoming and Action Taken is Blocked. AND is shows Destination DNS is ME #1. In her WinXP Firewall I put in my IP but it asked for External or internal TCP or UDP info. So, I though with the correct setting that would solve the problem. But, as I said earlier I'm lost and getting more & more confused trying to follow the posts. "Bob Willard" wrote: Interrogative wrote: "Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob OK, back to basics -- Since your PCs are behind a NAT router, turn off ICF (the Windows Firewall) forever. Install/enable ZoneAlarm on both PCs. On each PC, invoke ZA's Control Panel, click on Firewall, then on Zones, then Add an IP Range (to the Trusted Zone) of 192.168.1.0-192.168.1.255, then click on Apply -- that will place both PCs and the router in the Trusted Zone of each PC. {I'm assuming that each PC is set as a DHCP client and that the router uses the common 192.168.1.1 IPA, and is the DHCP server, and uses the standard DHCP range of 192.168.1.whatever; if you want static IPAs, then disable DHCP on the PCs and give them 192.168.1.111 and 192.168.1.112 and give them masks of 255.255.255.0 to get the same effect.} Now that your entire LAN is in the Trusted Zone of each PC, the IPAs will not impede sharing. If I recall correctly, you already had the protocols and network APIs OK, so fixing the firewalls and IPAs should fix your problems. If something else is wrong, let us know. -- Cheers, Bob |
#12
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
Rip999 wrote:
Oh-Oh, I think I'm getting lost, but..... Sounds like the easy way out would either both use ZA or the Win Firewall. Our 2 computers have specific IP's and I set hers (#2) as Trusted and mine says Internet, Is that correct? I can view her files okay. She can't get to mine even though my ZA setting says she's Trusted. The ZA Alerts & Logs show me similar info: Sometime the Rating is High sometime Medium even though both are set at medium. Type is always Firewall, Protocol says either TCP (flags:s) or occasionally UDP. No Program shown. Source shows her (#2) IP:xxx or xxxx (a : & different #) Destination is my IP, and again a colon usually followed by, but not always a 139 or 137. Direction is Incoming and Action Taken is Blocked. AND is shows Destination DNS is ME #1. In her WinXP Firewall I put in my IP but it asked for External or internal TCP or UDP info. So, I though with the correct setting that would solve the problem. But, as I said earlier I'm lost and getting more & more confused trying to follow the posts. "Bob Willard" wrote: Interrogative wrote: "Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob OK, back to basics -- Since your PCs are behind a NAT router, turn off ICF (the Windows Firewall) forever. Install/enable ZoneAlarm on both PCs. On each PC, invoke ZA's Control Panel, click on Firewall, then on Zones, then Add an IP Range (to the Trusted Zone) of 192.168.1.0-192.168.1.255, then click on Apply -- that will place both PCs and the router in the Trusted Zone of each PC. {I'm assuming that each PC is set as a DHCP client and that the router uses the common 192.168.1.1 IPA, and is the DHCP server, and uses the standard DHCP range of 192.168.1.whatever; if you want static IPAs, then disable DHCP on the PCs and give them 192.168.1.111 and 192.168.1.112 and give them masks of 255.255.255.0 to get the same effect.} Now that your entire LAN is in the Trusted Zone of each PC, the IPAs will not impede sharing. If I recall correctly, you already had the protocols and network APIs OK, so fixing the firewalls and IPAs should fix your problems. If something else is wrong, let us know. -- Cheers, Bob |
#13
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
"Bob Willard" wrote in message ... Interrogative wrote: "Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. Sure Bob but ZA free doesnt in "out of the box" mode so your comment that "then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone" doesnt hold. The router is doing the NAT and ZA is protecting ONLY the machine it is on. So, if you have a router and dont use ZA at all, you are still protected. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. Wrong. It is a common thing that auto assigned IP with XP is terribly slow for the XP to get on with the network. It can take, in some cases I have witnessed, up to 10 minutes for it to become part of the network. However, set to manually assigned and it is seconds to become part of the network. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob If they are trusted, why have a firewall like ZA? You could remove the possibility of future stuffups by NOT using it. After all, each XP machine would have a firewall and even if pre-SP2, you can check if it is turned on. |
#14
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
"Bob Willard" wrote in message ... Interrogative wrote: "Bob Willard" wrote in message ... For configurations like yours (and mine), with a bunch of PCs behind a NAT router, I suggest running ZoneAlarm (or something similar) instead of ICF (a/k/a Windows Firewall). ZA does everything that ICF does and, unlike ICF, it blocks outbound traffic. If you use DHCP on your LAN with the router as the DHCP server, then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone; for example, if the DHCP server hands out IPAs like 192.168.1.1xx, then Add a Range of 192.168.1.0-192.168.1.255 to cover all PCs, the router, and broadcasts on your LAN. -- Cheers, Bob Bob, There are only 2 probs I have with that: 1) ZA Free in "out of the box" mode doesn't NAT. You need ZA Pro for that. 2) Don't EVER consciously allow auto assigned IPs on your computers for their home LAN operations. XP is notoriously SLOW to use the local LAN that way. Manually assigned IPs are so much easier and in ZA Pro you can enter the entire LAN as Trusted, if you wish and then turn Trusted Zone to Low which means OFF. As Internet Zone will be on and protecting and assuming you trust the members of your local LAN, all will be OK. 1. Your router does NAT, not ZA. ZAF and ZA$ both work fine on PCs which use DHCP. Sure Bob but ZA free doesnt in "out of the box" mode so your comment that "then use ZA's Control Panel on each PC to add a range of IPAs to ZA's Trusted Zone" doesnt hold. The router is doing the NAT and ZA is protecting ONLY the machine it is on. So, if you have a router and dont use ZA at all, you are still protected. 2. Getting IPAs automatically via DHCP has no effect on network speed, since DHCP is only invoked about once a week plus once per reboot. Wrong. It is a common thing that auto assigned IP with XP is terribly slow for the XP to get on with the network. It can take, in some cases I have witnessed, up to 10 minutes for it to become part of the network. However, set to manually assigned and it is seconds to become part of the network. And, as I suggested, you can place all PCs in a Trusted Zone by adding a single IPA range, whether IPAs are assigned statically or via DHCP. -- Cheers, Bob If they are trusted, why have a firewall like ZA? You could remove the possibility of future stuffups by NOT using it. After all, each XP machine would have a firewall and even if pre-SP2, you can check if it is turned on. |
#15
|
|||
|
|||
WinXPSp2 Firewall & ZoneAlarm
"Rip999" wrote in message news Oh-Oh, I think I'm getting lost, but..... Sounds like the easy way out would either both use ZA or the Win Firewall. Our 2 computers have specific IP's and I set hers (#2) as Trusted and mine says Internet, Is that correct? Correct and manually assigned, faster to become active on the network with XP. I can view her files okay. She can't get to mine even though my ZA setting says she's Trusted. I came in a little late on this - which files? In XP, you not only have to share C drive, some folders require the actual folder ITSELF to be shared to be open on a network. The ZA Alerts & Logs show If you have ZA free, it will apply to Internet. I would have your XP firewall on her machine and basically it will work. I have an XP laptop on my home LAN and it goes out to Internet effortlessly through this machine and shares properly within the LAN as well. If you are picking up alerts from your home LAN in ZA free edition, you have another problem. ZA FREE isn't for that purpose. ZA Pro will do that fine. If you have ZA Pro either paid for or not, set the TRUSTED network alert level to LOW (which is basically OFF) and it will get through just fine so long as proper sharing is set up. |
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
ADSL: Internet Connection Sharing using ZoneAlarm Firewall | ©® | Windows XP Help and Support | 7 | November 17th 04 11:42 PM |
XP SP2 Firewall | BillW | Windows Service Pack 2 | 11 | October 21st 04 05:05 PM |
XP SP 2: Is it worth it? | Thane of Lochaber | The Basics | 27 | September 1st 04 06:01 AM |
SP2 Firewall turned off by default | John C | Windows Service Pack 2 | 8 | August 31st 04 10:35 PM |
After SP2 software will not work | Zane | Windows Service Pack 2 | 26 | August 18th 04 01:26 AM |