Announcement

Collapse
No announcement yet.

Firewall

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Firewall

    I am having problems accessing my web page. I am running Zone Alarm firewall and because I am ISP provides me with a dynamic IP I am using no-ip.com. Does anyone know how I can configure my firewall for port forwarding or any other way to resolve this?
    0
    Please help
    0%
    0

    #2
    Not sure what you wanted a poll for ?

    As I understand it you are using a dynamic DNS service to point your url at whatever current dhcp address your isp is supplying you with.
    If the web server (Homeseer?) is on this Zone Alarm machine which is connected to the internet, then any url requests should be pointed to that machine by the dynamic dns anyway, so you just need ZA configured to allow access to the necessary port in use.

    Port redirection (such as Port Tunnel) would be required if the web server was on an internal network (not directly connected to the internet) inside of a NAT router or internet connection sharing machine.

    If you provide more detail of your setup, problems and requirements I should be able to offer more specific help ...

    Robin.

    Comment


      #3
      I was just searching the forum for this, mind if I throw my info in too?

      My setup:
      Static IP
      Win2kpro with RR cable modem & Zonealarm Pro, no hardware router/firewall. Windows ICS.
      Homeseer on another machine on LAN, port 88

      What settings do I need to make with Win2K and Zonealarm to view my Homeseer page on the LAN?

      Thanks.

      Comment


        #4
        I am running Windows 2K Pro with Zone Alarm. I have configured my Zone Alarm to accept the request to my I.P. however, external to my network I can not access my Web Page. Is there anything else I should try? Thanks

        Comment


          #5
          One thing I forgot to mention is I am trying to use www.no-ip.com which sychronizes my dynmaic I.P. on my machine to my domain name. By using this service I can virtually always find my web server. Have any of you folks tried to do this?

          Comment


            #6
            I've had w2k pro, with zonealarm, w/rr-cable, and no-ip....and all works fine.

            I'd suggest turning off zonealarm, and get it working w/o the firewall. My gut is that zonealarm is not your problem here.

            Are you using a router, or is the cable modem ethernet connection coming right into your systems' ethernet card? If you are using a router, there are a bunch of setup steps (both router and HS system) that need to be done in order for this to work.

            Win2000 Pro SP2, IE6, 1333Mhz512KRam, PN576V, MR26a-B10, HS-B42, HSP-B17, VR/TTS-SAPI5ATT

            Comment


              #7
              Dave,

              I am using a DSL modem and a gateway that is conected to my router. The pc that HS is on a router what additional steps that I will need to take to configure this properly?

              Win2000 Pro SP2, IE6, 1.3Ghz

              Thanks

              Comment


                #8
                http://ubb.homeseer.com/6/ubb.x?a=tp...844#4232982844

                Win2000 Pro SP2, IE6, 1333Mhz512KRam, PN576V, MR26a-B10, HS-B42, HSP-B17, VR/TTS-SAPI5ATT

                Comment


                  #9
                  Dave,

                  thanks a million.

                  Does it matter that I am not running a linksys cable modem? I am using a westell DSL modem provided by my ISP. I will try this.


                  Thanks

                  Comment


                    #10
                    Firewall Configuration
                    Set WAN (Internet) interface on Firewall for ISPs settings as required (DHCP or static) and ENABLE ICS (NAT defaults to 192.168.0.1).
                    Set local LAN network interface on Firewall machine to 192.168.0.1 and NOT ICS shared.

                    LAN
                    Set the 'default gateway' for all internal machines to the Firewalls LAN address of 192.168.0.1
                    Make sure the other LAN machines also have valid DNS entries.

                    Port Redirection
                    If you require incoming requests to be routed to internal LAN machines then you need to set up redirection to those machinesorts. Win2K has redirection capabilities built in (choose 'Settings' from the WAN ICS sharing page) but I haven't used this myself so can't give any more specific info on it. I'm using a 3rd party program called Port Tunnel which runs as a service and has been faultless. The following will provide an overview which should hopefully allow you to set things up with whatever port redirection method you settle on.

                    Suppose you have 2 internal machines and 3 'server' resources which you wish to make available to the Internet ...
                    1. A VisionGS video server using port 80, which is on pc1 (192.168.0.10)
                    2. A 'demo' version of Homeseer using port 88, also on pc1 (192.168.0.10)
                    3. A different 'private' version of Homeseer which also uses port 88, but is on pc2 (192.168.0.99)

                    1. From the Internet you wish your VisionGS server to be addressed as 'YourDomain:1234', so the redirection for 'VisionGS' would be:
                    Firewall TCP port 1234 mapped to 192.168.0.10 (pc1) port 80

                    2. Web browsers will default to port 80 unless a port is specified in the URL, and as you wish any incoming access for 'YourDomain' (no port specified) to go to the demo HS then you require this to be available on the Internet as port 80. Therefore the redirection for 'demo' HS would be:
                    Firewall TCP port 80 mapped to 192.168.0.10 (pc1) port 88

                    3. Lastly, you wish to address your 'private' HS server as 'YourDomain:9999', so the redirection for 'private' HS would be:
                    Firewall TCP port 9999 mapped to 192.168.0.99 (pc2) port 88

                    Assuming you have assigned the correct WAN & LAN IP addresses to the Internet & Trusted zones within Zone Alarm (and it is already working correctly), then (from memory) you shouldn't have to do more than answer 'yes' to both the 'Allow this program to act as a Server' and 'Remember this setting in the future' type questions which will pop up the first time you run a port redirection program like Port Tunnel. I expect you will get something similar with the ICS port redirection, however both ZA 2 & 3 provide the facility to enable specific ports (ie: TCP 1234, 80 and 9999 for the above example) if necessary.

                    Hope this helps a bit, Robin.

                    Comment


                      #11
                      Let me clarify. You will have a modem, which is either a cable modem, or a dsl modem. The output of those modems are an ethernet connection. That ethernet connection can either go directly to the ethernet card on a singular PC.....or it could go to the input of a router. Linksys is one of the common brands of a router. There would be multiple ethernet outputs of a router, which you would then connect each of your PC's to.

                      The instructions I referred to deal with the configurations setup that are needed on both the router and the pc.

                      If you don't have a linksys router, but some other router.....you should look for similar configuration settings.

                      Can you feedback exactly what your hardware lashup is....thanks.

                      Win2000 Pro SP2, IE6, 1333Mhz512KRam, PN576V, MR26a-B10, HS-B42, HSP-B17, VR/TTS-SAPI5ATT

                      [This message was edited by DaveB on Monday, 10 June 2002 at 03:50 PM.]

                      Comment


                        #12
                        Robin thanks for all the info. This is all relatively new to me. I think I figured out the Zonealarm settings. I am now able to use WinVNC again! Kinda unrelated to my original question.

                        Still having problems though on the HS server. Maybe someone using Win2k to do this can assist.

                        One specific question is this: in the Internet Connection Sharing Settings page I want to choose the 'Services' tab? And 'Add' one called Homeseer. Enter the TCP port # (88) and the name or address of the Homeseer machine (192.168.0.2).
                        Right?

                        Oh, I don't know if I have "valid DNS entries" for my internal computers. I have DNS Disabled on my HS machine (WIN98). Is this relavent?

                        Comment


                          #13
                          I guess I answered my own question. Without changing anything I mentioned above it works today! So I am happy.
                          Now to go back and plug all those unneccesary holes I created in my firewall!

                          [This message was edited by Kerry on Thursday, 13 June 2002 at 01:09 PM.]

                          Comment

                          Working...
                          X