Sign in with
Sign up | Sign in
Your question

mcafee personal firewall ICS problem...

Last response: in Networking
Share
Anonymous
May 7, 2004 8:30:53 PM

Archived from groups: comp.security.firewalls,uk.telecom.broadband (More info?)

I setup mcafee personal firewall plus and configured it on my main PC and it
appears to run fine.

The problem is, i have another PC networked to this one, connected via a
crossover cable, and previously setup internet connection sharing (ICS)
which worked fine using the XP firewall but now it wont connect to the
internet while the firewall is up. i can access network shares with the
firewalls up but i have to disable it totally to access the web from the
other PC.

I currently have the firewall set to allow all machines on my LAN access and
even tried entering the other PCs address but this didnt solve the problem.

I have no other firewalls running and i've checked for viruses and none
found. the gateway PC is XP and the other PC is win2k.

Anyone seen this problem or have a suggestion other than uninstalling a
mcafee product? :) 
Anonymous
May 8, 2004 12:31:06 AM

Archived from groups: comp.security.firewalls,uk.telecom.broadband (More info?)

"ápuk" <reply2group> wrote in
news:409babad$0$20511$cc9e4d1f@news-text.dial.pipex.com:

> I setup mcafee personal firewall plus and configured it on my main PC
> and it appears to run fine.
>
> The problem is, i have another PC networked to this one, connected via
> a crossover cable, and previously setup internet connection sharing
> (ICS) which worked fine using the XP firewall but now it wont connect
> to the internet while the firewall is up. i can access network shares
> with the firewalls up but i have to disable it totally to access the
> web from the other PC.
>
> I currently have the firewall set to allow all machines on my LAN
> access and even tried entering the other PCs address but this didnt
> solve the problem.
>
> I have no other firewalls running and i've checked for viruses and
> none found. the gateway PC is XP and the other PC is win2k.
>
> Anyone seen this problem or have a suggestion other than uninstalling
> a mcafee product? :) 

Yeah, you can dump the ICS gateway setup and use a NAT router as the
gateway device for the LAN and WAN that cost as much as mcafee.

http://www.homenethelp.com/web/explain/about-NAT.asp

Then you can use IPsec behind the NAT router that's on the O/S's with
AnalogX Secpol rules for protecting the LAN and the Win Networking Ports
behind the router.

http://www.petri.co.il/block_ping_traffic_with_ipsec.ht...
http://www.analogx.com/contents/articles/ipsec.htm

Bim, bam, boom and you can stick a fork in it, because it's done. <g>

You may want to secure the machines on the LAN a little bit.

http://www.uksecurityonline.com/index5.php

Duane :) 
Anonymous
May 8, 2004 11:24:48 PM

Archived from groups: comp.security.firewalls,uk.telecom.broadband (More info?)

> Yeah, you can dump the ICS gateway setup and use a NAT router as the
> gateway device for the LAN and WAN that cost as much as mcafee.
>


sorry mate but thats not the advice i was looking for!

i want advice on getting this problem fixed not suggestions on new hardware
etc!!

i must have got something configured wrongly for the f/w to be blocking my
second PC surely!?!

any other experts care to offer advice?

ps: i noticed something strange, i can access and search google groups but
not load any other pages into IE 6 on the other machine ?!?
Related resources
Anonymous
May 8, 2004 11:24:49 PM

Archived from groups: comp.security.firewalls,uk.telecom.broadband (More info?)

"ápuk" <reply2group> wrote in
news:409d25f1$0$25319$cc9e4d1f@news-text.dial.pipex.com:

>> Yeah, you can dump the ICS gateway setup and use a NAT router as the
>> gateway device for the LAN and WAN that cost as much as mcafee.
>>
>
>
> sorry mate but thats not the advice i was looking for!
>
> i want advice on getting this problem fixed not suggestions on new
> hardware etc!!
>
> i must have got something configured wrongly for the f/w to be
> blocking my second PC surely!?!
>
> any other experts care to offer advice?
>
> ps: i noticed something strange, i can access and search google groups
> but not load any other pages into IE 6 on the other machine ?!?
>

Mcafee is a tough nut to crack it seems like based on some previous posts
I have seen. I don't see too many posts about it. You may want to hit the
Mcafee Tech Support about the issue.

Then you can post the solutions and you'll be the Mcafee expert in the
NG. :) 

Duane :) 
Anonymous
May 9, 2004 12:30:08 AM

Archived from groups: comp.security.firewalls,uk.telecom.broadband (More info?)

In message <409d25f1$0$25319$cc9e4d1f@news-text.dial.pipex.com>, ápuk
<reply2group@?.?.invalid> writes
>any other experts care to offer advice?

Your firewall doesn't support ICS. Others do. ZA Pro, Sygate etc. I
don't know if there is a workaround because I wouldn't install such a
heap of tosh onto my machine. My recommendation would be NAT router or
Sygate Pro. Macafee's bad mmkay?
--
Pete Devlin
[{//////news03//////at\\\\\secondrow/////co\\\\\uk}]
A man's home is his castle, in a manor of speaking.
Anonymous
May 11, 2004 8:10:04 AM

Archived from groups: comp.security.firewalls,uk.telecom.broadband (More info?)

Strange about that comment Pete unless .....I use PFP version 5.0.1.5 and
ICs works fine. What is the actual version of the firewall ?

I have rarely have seen a networking issue with the latest version BUT there
were a group of 3 of so posts on our forums at www.mcafeehelp.com that could
never connect and we thaere had to escalate them. Have a read there maybe
some help.

I have the security at standard and 192.168.*.* allowed. We have 2 Xp PCs; 1
win95; 1 xbox and 1 playstation 2 connected all accessing the net fine
though the 1 gateway.
Peace

"pete devlin" <spamtrap@secondrow.co.uk> wrote in message
news:JfudyRZAVTnAFwT8@sukmabobby.com...
> In message <409d25f1$0$25319$cc9e4d1f@news-text.dial.pipex.com>, ápuk
> <reply2group@?.?.invalid> writes
> >any other experts care to offer advice?
>
> Your firewall doesn't support ICS. Others do. ZA Pro, Sygate etc. I
> don't know if there is a workaround because I wouldn't install such a
> heap of tosh onto my machine. My recommendation would be NAT router or
> Sygate Pro. Macafee's bad mmkay?
> --
> Pete Devlin
> [{//////news03//////at\\\\\secondrow/////co\\\\\uk}]
> A man's home is his castle, in a manor of speaking.
!