Results 1 to 5 of 5

Thread: Steps 4 setting up a client of an ICS/NAT gateway running ZA Suite under Firewall/Advanced section

  1. #1
    sarahlp Guest

    Default Steps 4 setting up a client of an ICS/NAT gateway running ZA Suite under Firewall/Advanced section

    After reading through several different threads, I just want to make sure that I am understanding what I should be doing:
    First, my computer is a desktop, SP2 XP Home Edition, ZA Suite 7.0.470, cable modem, netgear: There are 2 other household laptops that access their internet connection through my router, but we do
    NOT share files or printer.
    So, under the Firewall/Main/Advanced section i am choosing the 2nd option under the Internet Connection Sharing Section. This of course would be: This computer is a client of an ICS/NAT gateway running ZASS.

    Second, I need to do a ipconfig /all in order to get my DHCP Server, DNS Servers and Default Gateway's IP Address: In my case,
    ALL three of these IPs happen to be the SAME: 192.168.1.1

    Is
    THAT unusual?
    I am supposed to add all of these ip addresses to my Trusted Zone under Firewall/Zones.
    In addition to these three ip addresses, I should
    ALSO make sure that the LoopBack address of 127.0.0.1 is also in the Trusted Zone.Should I also include my desktop's assigned IP in the router? Should I also include the IPs and DNS IPS that are assigned by the router when it was 1st set up as a direct
    internet connection to my ISP
    under the normal
    TCP/IP regular ties? Once all of these IPs are included in my Trusted Zone, there will be a less likely hood of having our internet access interrupted or failing.

    After all these is done, I should be able to disable the DNS and DHCP Client services under Administrative Services in the Control Panel. This last step, of course, should only be done on the DESKTOP and not the other two household laptops.
    If this is done correctly, the svchost.exe aka Generic Host Process should not have ANY further need to have any internet server needs or requests?
    I hope that I am on the right track to understanding all of this.
    Thank you in advance for all the helpful threads.

    Operating System:Windows XP Home Edition
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Steps 4 setting up a client of an ICS/NAT gateway running ZA Suite under Firewall/Advanced section

    Yes this is okay for the client of an ICS/NAT gateway running ZASS.

    No just add the 92.168.1.1 IP once as Trusted. This is sufficent. Apparently your router is also doubling up ans acting as a dns server, thus any additional dns IP is not really required.

    Correct. Add the loopback address (127.0.0.1) as Trusted.

    You could lock in the assigned IP of the desktop in the router itself - but not add it as the desktop's IP should already be listed in the router.
    Again adding just the router IP (with the subnet) is enough - it acting as the gateway, dns and dhcp server and this is all apparently the same IP in your case.

    After disabling the DNS and DHCP Client services under Administrative Services in the Control Panel, the svchost.exe will still call out on occasions.
    But the svchost.exe should have never needed internet server rights in the first place. It will just as before still need the trusted server - to allow the incoming connections from your router which apparently is both your dhcp and dns server.

    By disabling the DNS and DHCP Client service, each and every individual application is now forced to do their own lookups instead of "borrowing" window's svchost.exe to do the task for them. But windows itself will still use the svchost.exe from time to time to do lookups for itself and it's own outgoing files.
    Plus it is very important to first "lock in" the gateway/dhcp IP and the assigned IP and the correct dns server IPs in the properties of the internet protocol (tcp/ip) found in the properties of the network connection before disabling the dns and dhcp client services. Once those values are entered into the windows, then the Obtain an IP address automatically should be unchecked After this has been first entered and applied and ok'd, then reboot and then disable the dns and dhcp client services. And make sure the router has the desktop IP locked in and will never assign another IP to the desktop ever again - or else the desktop will not have a useable connection to the router on the next IP assignment.

    Oldsod.
    Best regards.
    oldsod

  3. #3
    sarahlp Guest

    Default Re:Steps to set up a client of an ICS/NAT gateway running ZA Suite under Firewall/Advanced section

    Hello Dear Oldsod:
    I am so glad that I am finally getting "it" and understanding the inner workings of ZA and what it takes to make it work like a kitten's purr with my computer and ICS.
    Now, I think back and find myself laughing that this all seemed so foreign to me and I honestly thought this whole ZA jargon was just TOO hard to understand.
    That's why this forum and your input is so very valuable.
    Basically, I do believe most people have the same problems and questions, but don't know how to articulate their problems.I hope newbies to ZA and unfamiliar with ICS will take this thread and your input to heart because it really gets to the core of how get ZA to run smoothly.
    BTW, since my last post that you helped me with, I have not had
    ANY problems with my programs' access and permissions!!
    Thanks Again

  4. #4
    myurkus Guest

    Default Re:Steps to set up a client of an ICS/NAT gateway running ZA Suite under Firewall/Advanced section

    SaraHip - FWIW I definitely agree that most of us are learning about and having similar problems. However, I think is is less a "not articulating" problem, but rather a matter of running into them and thinking about them differently. For instance, as I have been learning this, *my* thread from this forum a few months ago keeeps coming up in *generic* Google searches! I can only hope this has helped others (as you do,) but I think it has more to do with the way my mind works when problem solving these issues.

    That is the beauty of this board: even if he is essentially teaching the same topics, OldSod has been so helpful accomidating each of us based on our experience, nuances of our issues, and our learnng-processes. To me that is the mark of a truly great teacher. I have learned more here than from almost any other source.

    For instance, I bookmarked this thread as it is an addendum to my last question; however its focus was not my primary concern.

    I do not want to break the "hijack thread" rule, but can you clarify what constitues an "ICS/NAT gateway" from this context? I also have a NAT router, but it is not a Microsoft ICS gateway (by their definition) running ZoneAlarm... (so I recently turned this off and added some Expert Rules.)

    I can start another thread; however given the title of the thread I think/hope this clarification will help other people and their [same ] problems.

    Thanks as always!

    Message Edited by myurkus on 06-10-2008 06:17 PM

    Message Edited by myurkus on 06-10-2008 06:24 PM

    Message Edited by myurkus on 06-10-2008 06:26 PM

  5. #5
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re:Steps to set up a client of an ICS/NAT gateway running ZA Suite under Firewall/Advanced section

    Thanks Mike.
    Guess I finally got paid in full for this week at the forum with nice post of yours.
    Nice to get praise from another poster.

    Best regards.
    Oldsod.
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •