If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#11
|
|||
|
|||
On Sat, 09 Oct 2004 21:10:16 -0600, "Steve Winograd [MVP]"
wrote: In the Windows Firewall properties, click the General tab and set the mode to "On (recommended)". Then, click the Exceptions tab and make sure that there's a check mark in the box for File and Printer Sharing. On my network here, I had to do this to get a LAN connection even though LAN was unchecked on the advanced tab. I was wanting to enable the firewall only for the dialup interface (a standby Internet connection) but not for the LAN which is already private behind a router. If I leave the advanced tab with just the dialup checked, I can kiss goodbye to LAN connectivity unless I either disable the firewall completely on all interfaces or make file and printer sharing an exception on a (supposedly) already disabled interface. Surely I shouldn't need to do that? Jim. |
#12
|
|||
|
|||
On Sun, 10 Oct 2004 15:48:35 +0100, James Egan
wrote: On Sat, 09 Oct 2004 21:10:16 -0600, "Steve Winograd [MVP]" wrote: In the Windows Firewall properties, click the General tab and set the mode to "On (recommended)". Then, click the Exceptions tab and make sure that there's a check mark in the box for File and Printer Sharing. On my network here, I had to do this to get a LAN connection even though LAN was unchecked on the advanced tab. I was wanting to enable the firewall only for the dialup interface (a standby Internet connection) but not for the LAN which is already private behind a router. It's better to have a software firewall, even with a router. Consider what happens with OUTGOING connections, such as those from spyware. If I leave the advanced tab with just the dialup checked, I can kiss goodbye to LAN connectivity unless I either disable the firewall completely on all interfaces or make file and printer sharing an exception on a (supposedly) already disabled interface. Surely I shouldn't need to do that? Jim. Still, I would never trust the XP firewall. MS is going to put in all the "holes" it wants. -- 76 days until the winter solstice celebration Mark Lloyd http://notstupid.laughingsquid.com |
#13
|
|||
|
|||
On Sat, 09 Oct 2004 22:18:03 -0700, Z wrote:
Steve Winograd [MVP] wrote: If the XP computer is running Norton Internet Security, you must disable the built-in Windows Firewall. Running both of them will cause network problems. Configure Norton to allow access by other computers on the local area network. Geez, even better ... if you have XP SP2, dump Norton Internet Security completely. Or ,even better than that ... turn off the (nearly useless) XP firewall and use Norton. |
#14
|
|||
|
|||
In article , Tony
dont@email wrote: On Sat, 09 Oct 2004 22:18:03 -0700, Z wrote: Steve Winograd [MVP] wrote: If the XP computer is running Norton Internet Security, you must disable the built-in Windows Firewall. Running both of them will cause network problems. Configure Norton to allow access by other computers on the local area network. Geez, even better ... if you have XP SP2, dump Norton Internet Security completely. Or ,even better than that ... turn off the (nearly useless) XP firewall and use Norton. Have you looked at the new Windows Firewall in Service Pack 2? It's much better than the Internet Connection Firewall in earlier versions of Windows XP. -- Best Wishes, Steve Winograd, MS-MVP (Windows Networking) Please post any reply as a follow-up message in the news group for everyone to see. I'm sorry, but I don't answer questions addressed directly to me in E-mail or news groups. Microsoft Most Valuable Professional - Windows Networking http://mvp.support.microsoft.com Steve Winograd's Networking FAQ http://www.bcmaven.com/networking/faq.htm |
#15
|
|||
|
|||
On Sun, 10 Oct 2004 12:49:35 -0600, "Steve Winograd [MVP]"
wrote: In article , Tony dont@email wrote: On Sat, 09 Oct 2004 22:18:03 -0700, Z wrote: Steve Winograd [MVP] wrote: If the XP computer is running Norton Internet Security, you must disable the built-in Windows Firewall. Running both of them will cause network problems. Configure Norton to allow access by other computers on the local area network. Geez, even better ... if you have XP SP2, dump Norton Internet Security completely. Or ,even better than that ... turn off the (nearly useless) XP firewall and use Norton. Have you looked at the new Windows Firewall in Service Pack 2? It's much better than the Internet Connection Firewall in earlier versions of Windows XP. Irrelevant. It's still a bad idea to trust MS here. A lot of the undesirable connections are originated by Windows. -- 76 days until the winter solstice celebration Mark Lloyd http://notstupid.laughingsquid.com |
#16
|
|||
|
|||
In article , James Egan
wrote: On Sat, 09 Oct 2004 21:10:16 -0600, "Steve Winograd [MVP]" wrote: In the Windows Firewall properties, click the General tab and set the mode to "On (recommended)". Then, click the Exceptions tab and make sure that there's a check mark in the box for File and Printer Sharing. On my network here, I had to do this to get a LAN connection even though LAN was unchecked on the advanced tab. I was wanting to enable the firewall only for the dialup interface (a standby Internet connection) but not for the LAN which is already private behind a router. If I leave the advanced tab with just the dialup checked, I can kiss goodbye to LAN connectivity unless I either disable the firewall completely on all interfaces or make file and printer sharing an exception on a (supposedly) already disabled interface. Surely I shouldn't need to do that? Jim. Jim, make sure that "Don't allow exceptions" is un-checked on the General tab. That's an all-or-nothing setting. If it's checked, all connections are firewalled, regardless of the settings on the Advanced tab. To enable the firewall on the dial-up connection and disable the firewall on the LAN connection: 1. Go to the Exceptions tab. 2. Un-check all of the boxes. 3. Go to the Advanced tab. 4. Check the dial-up connection and un-check the LAN connection. -- Best Wishes, Steve Winograd, MS-MVP (Windows Networking) Please post any reply as a follow-up message in the news group for everyone to see. I'm sorry, but I don't answer questions addressed directly to me in E-mail or news groups. Microsoft Most Valuable Professional - Windows Networking http://mvp.support.microsoft.com Steve Winograd's Networking FAQ http://www.bcmaven.com/networking/faq.htm |
#17
|
|||
|
|||
On Sun, 10 Oct 2004 15:47:35 -0600, "Steve Winograd [MVP]"
wrote: Jim, make sure that "Don't allow exceptions" is un-checked on the General tab. That's an all-or-nothing setting. If it's checked, all connections are firewalled, regardless of the settings on the Advanced tab. This is unchecked. To enable the firewall on the dial-up connection and disable the firewall on the LAN connection: 1. Go to the Exceptions tab. 2. Un-check all of the boxes. 3. Go to the Advanced tab. 4. Check the dial-up connection and un-check the LAN connection. It doesn't work doing this, Steve. Even after restoring defaults, starting again and following your instructions to the letter. If file and printer sharing (exceptions) is unchecked, I can't even ping the computer. As soon as I tick this box and click ok it all works. Pinging, browsing et al. That's no use for the dialup connection, though, since file and printer sharing is the main thing I want to block on that interface. Jim. |
#18
|
|||
|
|||
In article , Steve Winograd
[MVP] says... You can't use the same NIC to access the Internet that you use to access the LAN when you are behind a router. Yes, you can. The router sits between the NIC and the Internet; the NIC can only access the router. The NIC accesses the router, and the router gives it access to both the Internet and the LAN. Did I misunderstand what you said? Probably. The NIC in the computer can only access the router. The router uses NAT to pass packets between the WAN port of the router and the LAN port of the router, which is connected to the NIC in the computer. Nobody on the WAN side of the router can have direct access to the NIC. Take my rig as a case in point. My NIC can directly access the gateway IP address at 192.168.102.1. It can't directly access anything beyond that IP address; that is the job of the NAT function in the router. While NAT is a transparent function, it does isolate the NIC from the Internet. Going the other way, you can directly access my router at 64.174.90.87, but not my NIC; not unless I have forwarded a port to my computer. Again, the NAT function of the router isolates the networks. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
#19
|
|||
|
|||
In article , Mark Lloyd says...
It's better to have a software firewall, even with a router. Consider what happens with OUTGOING connections, such as those from spyware. At which the Windows Firewall is as useless as the proverbial screen door on the submarine. Get a software firewall which is designed to control outbound connections, and disable the Windows firewall entirely, if that is your intent. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
#20
|
|||
|
|||
In article , Steve Winograd
[MVP] says... Have you looked at the new Windows Firewall in Service Pack 2? It's much better than the Internet Connection Firewall in earlier versions of Windows XP. If NIS can control outbound connections, it is better to keep NIS and disable Windows Firewall. Whatever improvements MSFT made in Windows Firewall over Internet Connection Firewall, they did not add outbound control of connections. -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Win ME Home Networking , ADSL, Wireless Router & Ethernet Port Issue | Chandra Madhira | Networking | 3 | September 29th 04 10:03 AM |
Networking Dialog Box for password | BillO | Networking | 2 | September 28th 04 04:35 AM |
Windows 98 not networking | dave | Internet | 0 | July 7th 04 05:11 PM |
Networking problems | polar_bear | Networking | 0 | June 9th 04 05:34 PM |
MIssing files for networking | [email protected] | Networking | 0 | June 9th 04 01:38 AM |