Can't access internet when Internet Zone Security is set to High
Link to earlier thread: http://forums.zonelabs.com/zonelabs/...ssage.id=20533
I realize you have closed the previous thread, feeling you said all there is to say;
I hope im not a pain... I just do not have knowledge in these things, and just want to know if I have ZA configured correctly.
I don't seek any in depth explanations, basically just want to know what IPs I need to add to ZA for internet to work lol... but I also have another question as well.
Some information in the next paragraphs, and summarized questions at the bottom.
While Internet Zone Security slider is on Medium, there is no need to add any IPs as Trusted to ZA - Firewall - Zone section, as you already know.
When the slider is on High, I need to add certain IPs like DNS and DHCP servers.
First, I found out I have to add the ISP server hostname added as Trusted, in order for the dialer to connect. So that is the first thing I know that needs to be added.
I also have 127.0.0.1 listed as Trusted which I can assume is needed as well.
Now im just trying to figure out which other entries I need to add - as I have several DNS, DHCP and Default Gateway IPs:
I assume I need to add either IPs listed under "Marvell Yukon" OR IPs listed under "PPP Adapter", and not IPs from both?
The command ipconfig /all shows the following:
Ethernet Adapter Local Area Connection: Marvell Yukon:
2 DNS Servers
1 DHCP Server
1 Default Gateway Server
PPP Adapter [ISP name]: WAN (PPP/SLIP) Interface (only shows when after im connected to the internet using the dialer)
2 DNS Servers
1 Default Gateway Server
Also "DHCP Enabled: No"
And under PPP, the Default Gateway IP is identical to the IP Address.
If I disconnect, and reconnect, the (last octet of the) IP Address AND the Default Gateway IP change (and both IPs are identical again).
So the two options are:
To add the IPs listed under PPP Adapter, that means adding its 2 DNS Servers, and DHCP server (there isnt one... so in this case it will be the Default Gateway instead, which is the same as the 'IP Address') - but that IP Address is already added as 'Network' - Internet under Firewall - Zones. So its not likely this one should be added.
The other option is to add the IPs listed under Marvell Yukon, that means adding its 2 DNS Servers, DHCP (there IS a DHCP server listed here), and also the Default Gateway? or Just the DNS Servers and DHCP server, and not the Default Gateway IP?
Also, I tested this with Internet Zone Security as High:
Under Network Connections, LAN1 (the one I use to connect to the internet) Properties, Internet Protocol Properties, Obtain an IP and obtain DNS Servers both marked to automatically.
I entered manually only the DNS Servers, first of the Marvell Yukon, then tried to connect using the dialer and it connected.
Then I entered the DNS Servers listed under PPP Adapter, and I couldn't connect using the dialer.
I also entered the DNS Servers of OpenDNS, which are known to work, and couldn't connect using the dialer.
Note that after adding the DNS Servers in Internet Protocol Properties, I also added them as Trusted to ZA, and then tried to connect, also tried to exit ZA then connect, and again, I could only connect using the Marvell Yukon DNS Server.
1) Am I right to assume the IPs I need to add to ZA as Trusted are the Marvell Yukon's 2 DNS Servers and 1 DHCP Server? (what about its Default Gateway IP? add or as well or not?), And to add nothing that is listed under PPP Adapter?
2) Why can't I Connect using the ISP DNS Servers (those listed under PPP Adapter), or OpenDNS Servers (DNS Servers provided by OpenDNS company, which I know others use and it works)? Do I need to do anything else besides adding the servers under Network Connections, Internet Protocol Properties, and to ZA as Trusted?
(I don't need to use a different DNS Server, I just wonder why it does not work, currently I can only connect using the Marvell Yukon DNS Servers)
3) After I connect to the internet, the IP is recognized in ZA and shows up (x.x.x.x/255.255.255.255) as Network (entry type) and as Internet (Zone).
You wrote that "The PPP IP should be added as Trusted", do you mean that I have to manually change it from Internet to Trusted every time I reconnect to the internet? (I have Dynamic IP)
This just does not make sense, as internet works fine as it is. Or did I not understand you?
4) About why it takes a few seconds after dialer says its connected, to have actual internet access, on High Internet Zone Security:
I remember when I was connected with ADSL and a router, there was internet access right after I connected to the internet (dialer was on the router's config page).
And now it take about 20 seconds to be able to access the internet, after connected, when im connected with Cable, and a Modem, and different ISP.
But what I ask is, is there anything to do to solve this, besides having the slider on Medium?
Or is this just the way it is, because of *my specific hardware/software setup*?