ZoneAlarm - web access problem

[bg]

Archived from groups: comp.security.firewalls (More info?)

My knowledge of firewalls is weak to say the least And I'm hoping for some
advice:

I have four home XP machines connected on a LAN through a 10/100 hub. All
machines can see each other on the network. The principal machine (mine)
has a second NIC which connects to a cable modem and the modem is shared
through Windows. My machine has Zone Alarm (current version although this
problem has been going on for at least the last two upates and is probably
not version related.)

The problem is that, despite having used both the Windows Network Wizard and
also set up manually, one machine steadfastly fails to be able to connect to
the Web when ZA is running. All machines are set up the same and are within
the same IP range and subnet mask. ZA trusted zone contains the entire IP
range but I've also included the IP address of the problem machine, still to
no avail.

The problem came about after the errant machine (my daughter's) suffered a
terminal O/S problem which had to be dealt with by a complete
re-installation. Can someone please point me in the right direction?

Thanks

B.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Can't you just connect the cable modem to the hub also so that everything
doesn't have to be relayed through your primary machine?


"BG" <spam.check@spamcheck.com> wrote in message
news:TfoDc.661$Uo3.598@newsfe6-gui.server.ntli.net...
> My knowledge of firewalls is weak to say the least And I'm hoping for some
> advice:
>
> I have four home XP machines connected on a LAN through a 10/100 hub. All
> machines can see each other on the network. The principal machine (mine)
> has a second NIC which connects to a cable modem and the modem is shared
> through Windows. My machine has Zone Alarm (current version although this
> problem has been going on for at least the last two upates and is probably
> not version related.)
>
> The problem is that, despite having used both the Windows Network Wizard
and
> also set up manually, one machine steadfastly fails to be able to connect
to
> the Web when ZA is running. All machines are set up the same and are
within
> the same IP range and subnet mask. ZA trusted zone contains the entire IP
> range but I've also included the IP address of the problem machine, still
to
> no avail.
>
> The problem came about after the errant machine (my daughter's) suffered
a
> terminal O/S problem which had to be dealt with by a complete
> re-installation. Can someone please point me in the right direction?
>
> Thanks
>
> B.
>
>

 

[Michael]

Archived from groups: comp.security.firewalls (More info?)

Chip Orange wrote:

>Can't you just connect the cable modem to the hub also so that everything
>doesn't have to be relayed through your primary machine?
>
>
>"BG" <spam.check@spamcheck.com> wrote in message
>news:TfoDc.661$Uo3.598@newsfe6-gui.server.ntli.net...
>
>
>>My knowledge of firewalls is weak to say the least And I'm hoping for some
>>advice:
>>
>>I have four home XP machines connected on a LAN through a 10/100 hub. All
>>machines can see each other on the network. The principal machine (mine)
>>has a second NIC which connects to a cable modem and the modem is shared
>>through Windows. My machine has Zone Alarm (current version although this
>>problem has been going on for at least the last two upates and is probably
>>not version related.)
>>
>>The problem is that, despite having used both the Windows Network Wizard
>>
>>
>and
>
>
>>also set up manually, one machine steadfastly fails to be able to connect
>>
>>
>to
>
>
>>the Web when ZA is running. All machines are set up the same and are
>>
>>
>within
>
>
>>the same IP range and subnet mask. ZA trusted zone contains the entire IP
>>range but I've also included the IP address of the problem machine, still
>>
>>
>to
>
>
>>no avail.
>>
>>The problem came about after the errant machine (my daughter's) suffered
>>
>>
>a
>
>
>>terminal O/S problem which had to be dealt with by a complete
>>re-installation. Can someone please point me in the right direction?
>>
>>Thanks
>>
>>B.
>>
>>
>>
>>
>
>
>
>
A simple solution to this is to bring your cable into the cable modem,
then run a short cable from the modem output to the hub, from the hub
connect all 4 computers. Your PC with ZA installed should read the hub
IP address, the remaining PCs will connect directly to the hub without
ZA firewall.

Michael

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Sat, 26 Jun 2004 21:52:16 -0500, Michael wrote:

> A simple solution to this is to bring your cable into the cable modem,
> then run a short cable from the modem output to the hub, from the hub
> connect all 4 computers.

Not a good idea. At that point each computer gets an ip address and
the ISP may charge you for the three extra ip addresses.

Now using a NAT router will keep you out of that ditch.

ZA still needs to be on each system because any pc could catch a
virus and spread it to each other.

 

[bg]

Archived from groups: comp.security.firewalls (More info?)

"Bit Twister" <BitTwister@localhost.localdomain> wrote in message
news:slrncdsedn.4se.BitTwister@wb.home.invalid...
> On Sat, 26 Jun 2004 21:52:16 -0500, Michael wrote:
>
> > A simple solution to this is to bring your cable into the cable modem,
> > then run a short cable from the modem output to the hub, from the hub
> > connect all 4 computers.
>
> Not a good idea. At that point each computer gets an ip address and
> the ISP may charge you for the three extra ip addresses.
>
> Now using a NAT router will keep you out of that ditch.
>
> ZA still needs to be on each system because any pc could catch a
> virus and spread it to each other.
>

The ISP won't allow the extra IP addresses for the simpler solution that
Chip and Michael suggest. If ultimately necessary I'll get a NAT router but
what's irritating me is the way it worked before the re-build but now won't.

Any suggestions on what seems to be either a config or ZA problem?

B

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

On Sun, 27 Jun 2004 09:07:55 +0100, BG wrote:

> what's irritating me is the way it worked before the re-build but now won't.
>
> Any suggestions on what seems to be either a config or ZA problem?

I would have to say it is something on the rebuilt pc. You did not
change anything on the two nic box, the hub does not care assuming you
did not unplug the rebuilt box from the hub.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

If I can add my 2 pence worth. . .

If your using NTL / Telewest B/Band you can not just plug your hub
into the Cable Modem, it wont work.
Plugging it into a router/firewall will work, you need to
set your workstations to use DHCP if the router has that
switched on (most do)

I have a similar set up to yours, I have 3 PC's running
windows 2000, mine has 2 x NIC's, I guess your PC
is set to 192.168.0.1 - if you are using Microsoft Web Sharing.
On the PC that's having the problem, make sure there is no conflict
between the XP fire wall and Zonealarm.
Make sure you have a local trusted ip range in your
firewall rules.
Up to this point my network had the same problem, the only
way I could resolve it was to uninstall V5 and use V4.5 of Zonealarm
that's how I got mine to work.

This is my own personal experience.

Regards
Mike.



"BG" <spam.check@spamcheck.com> wrote in message
news:TfoDc.661$Uo3.598@newsfe6-gui.server.ntli.net...
> My knowledge of firewalls is weak to say the least And I'm hoping for some
> advice:
>
> I have four home XP machines connected on a LAN through a 10/100 hub. All
> machines can see each other on the network. The principal machine (mine)
> has a second NIC which connects to a cable modem and the modem is shared
> through Windows. My machine has Zone Alarm (current version although this
> problem has been going on for at least the last two upates and is probably
> not version related.)
>
> The problem is that, despite having used both the Windows Network Wizard
and
> also set up manually, one machine steadfastly fails to be able to connect
to
> the Web when ZA is running. All machines are set up the same and are
within
> the same IP range and subnet mask. ZA trusted zone contains the entire IP
> range but I've also included the IP address of the problem machine, still
to
> no avail.
>
> The problem came about after the errant machine (my daughter's) suffered
a
> terminal O/S problem which had to be dealt with by a complete
> re-installation. Can someone please point me in the right direction?
>
> Thanks
>
> B.
>
>

 

[bg]

Archived from groups: comp.security.firewalls (More info?)

Certainly we are running v5+ but it's a mystery why one machine out of four
(which is occasionally replaced with a laptop which does connect) just won't
connect despite identical settings having been created using the wizard.

In case I'm missing something obvious, I assume that the XP firewall should
be off
"Mike Walker" <mike42@ntlworld.com> wrote in message
newsEADc.108$qT5.52@newsfe1-gui.server.ntli.net...
> If I can add my 2 pence worth. . .
>
> If your using NTL / Telewest B/Band you can not just plug your hub
> into the Cable Modem, it wont work.
> Plugging it into a router/firewall will work, you need to
> set your workstations to use DHCP if the router has that
> switched on (most do)
>
> I have a similar set up to yours, I have 3 PC's running
> windows 2000, mine has 2 x NIC's, I guess your PC
> is set to 192.168.0.1 - if you are using Microsoft Web Sharing.
> On the PC that's having the problem, make sure there is no conflict
> between the XP fire wall and Zonealarm.
> Make sure you have a local trusted ip range in your
> firewall rules.
> Up to this point my network had the same problem, the only
> way I could resolve it was to uninstall V5 and use V4.5 of Zonealarm
> that's how I got mine to work.
>
> This is my own personal experience.
>
> Regards
> Mike.
>
>
>
> "BG" <spam.check@spamcheck.com> wrote in message
> news:TfoDc.661$Uo3.598@newsfe6-gui.server.ntli.net...
> > My knowledge of firewalls is weak to say the least And I'm hoping for
some
> > advice:
> >
> > I have four home XP machines connected on a LAN through a 10/100 hub.
All
> > machines can see each other on the network. The principal machine
(mine)
> > has a second NIC which connects to a cable modem and the modem is shared
> > through Windows. My machine has Zone Alarm (current version although
this
> > problem has been going on for at least the last two upates and is
probably
> > not version related.)
> >
> > The problem is that, despite having used both the Windows Network Wizard

> and
> > also set up manually, one machine steadfastly fails to be able to
connect
> to
> > the Web when ZA is running. All machines are set up the same and are
> within
> > the same IP range and subnet mask. ZA trusted zone contains the entire
IP
> > range but I've also included the IP address of the problem machine,
still
> to
> > no avail.
> >
> > The problem came about after the errant machine (my daughter's)
suffered
> a
> > terminal O/S problem which had to be dealt with by a complete
> > re-installation. Can someone please point me in the right direction?
> >
> > Thanks
> >
> > B.
> >
> >
>
>