Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Firewall and home network?

  1. #1
    da_goldstein Guest

    Default Firewall and home network?

    I just switched to Zonealarm firewall. I have two computers running windows vista, one desktop and one laptop.

    Prior I had a network between the two. After installing zonealarm they no longer can detect each other. Can someone help me add both to trusted networks so I can restore the network? Thank you
    -David

    Operating System:Windows Vista Home Premium
    Software Version:7.1 (Vista)
    Product Name:ZoneAlarm (Free)

  2. #2
    hammernu Guest

    Default Re: Firewall and home network?

    On each computer, enter the console command "ipconfig /all" (without the quotes) and make a note of the IP Address. In ZoneAlarm Firewall > Zones for each computer, create a Trusted IP Entry for the IP Address of the other computer. They should each be able to see each other now.
    To open the Command Console on XP for the "ipconfig /all" command, go to Start > All Programs > Accessories > Command Prompt.

  3. #3
    kritiker Guest

    Default Re: Firewall and home network?

    So putting one's home network (e.g., 192.168.2.0/255.255.255.0 (as a network) or 192.168.2.0-192.168.2.255 (as an IP range)) into the Trusted Zone (for each computer on the network) is insufficient?

    Message Edited by Kritiker on 11-12-2008 09:12 AM

  4. #4
    hammernu Guest

    Default Re: Firewall and home network?

    Putting a Trusted IP Range into the Zones is fine as long as it corresponds to the DHCP-assignment range of your router. This is what I do because it allows the same entry to be added for each networked computer.
    If you've already done this and the computers still can't see each other, you may want to try a database reset (but you'll still need the IP range in each computer):
    1) Ctrl + Shift right-click on ZoneAlarm System Tray icon

    2) Click Reset in popup menu

    3) Click Yes in Reset Settings dialog box

    4) Click OK when prompted to reboot

    5) Follow onscreen prompts after reboot


    Message Edited by HammerNU on 11-12-2008 11:46 AM

  5. #5
    kritiker Guest

    Default Re: Firewall and home network?

    "Putting a Trusted IP Range into the Zones ... allows the same entry to be added for each networked computer. "
    Two other advantages are that:
    - as dynamic IP addresses on the home net change, there is no need to change the trusted IP address in ZoneAlarm
    - as new computers are added, they have access to the computers already on the net

    But the disadvantage is (the same as the last advantage) that as new computers are added, they have access to the computers already on the net. One may not always want this.

    I like to assign fixed IP addresses to the computers on my home network and specify only their specific IP addresses as being trusted. That way
    - there is no need to change the trusted IP addresses due to dynamic IP address changes by the DHCP server
    - I can easily drop one of them if someone who doesn't need access to the other computers, say a visitor, is going to use an existing computer on the net
    - new computers on the net, say belonging to a visitor, don't automatically have access to the existing computers
    - one could use the same data on all computers on the net, since specifying a computer as trusted in its own Zone table shouldn't cause any problems, right?
    - there may be a small (negligible?) performance gain (at startup) because there is no need to query the DHCP server for a dynamic IP address.

    Can you see any problems with that approach?

  6. #6
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Firewall and home network?


    <blockquote><hr>Kritiker wrote:
    "Putting a Trusted IP Range into the Zones ... allows the same entry to be added for each networked computer. "
    Two other advantages are that:
    - as dynamic IP addresses on the home net change, there is no need to change the trusted IP address in ZoneAlarm
    - as new computers are added, they have access to the computers already on the net

    But the disadvantage is (the same as the last advantage) that as new computers are added, they have access to the computers already on the net. One may not always want this.

    I like to assign fixed IP addresses to the computers on my home network and specify only their specific IP addresses as being trusted. That way
    - there is no need to change the trusted IP addresses due to dynamic IP address changes by the DHCP server
    - I can easily drop one of them if someone who doesn't need access to the other computers, say a visitor, is going to use an existing computer on the net
    - new computers on the net, say belonging to a visitor, don't automatically have access to the existing computers
    - one could use the same data on all computers on the net, since specifying a computer as trusted in its own Zone table shouldn't cause any problems, right?
    - there may be a small (negligible?) performance gain (at startup) because there is no need to query the DHCP server for a dynamic IP address.

    Can you see any problems with that approach?
    <hr></blockquote>


    This arrangement should be okay.
    And you are correct.
    I do a similar setup myself (but with a few extra twists and turns).
    (I have not just the windows dhcp client services disabled along with lockiong in the IP/MAC of the computer in the router, but so is the windows dns client service disabled as the correct statically assigned IPs of the dns servers are locked in the tcp/ip properties).

    Oldsod.
    Best regards.
    oldsod

  7. #7
    kritiker Guest

    Default Re: Firewall and home network?

    <blockquote><hr>Oldsod wrote:... (but with a few extra twists and turns).
    (I have not just the windows dhcp client services disabled along with lockiong in the IP/MAC of the computer in the router, but so is the windows dns client service disabled as the correct statically assigned IPs of the dns servers are locked in the tcp/ip properties).
    <hr></blockquote>
    Very nice!

  8. #8
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Firewall and home network?

    "Very nice!"

    It is a well known arrangement for desktops that you and I are using.
    But not for laptops and such.

    Oldsod.
    Best regards.
    oldsod

  9. #9
    zaswing Guest

    Default Re: Firewall and home network?

    I think ZA free is different (the subject ofthis thread). At least older versions.
    ZA automatically detects the IP of the computer as Adapter subnet, not LAN, so a listing might be 192.168.2.x/255.255.255.0. ZA puts it in the Internet zone on installation, which needs to be changed to trusted. They do not add the normal LAN broadcast range as we see in the paid versions, though the zero at the end of mask implies they do, and I'm fuzzy on that one.
    Individual IPs must be added either one by one, or as a range 192.168.2.x to 192.168.2.y
    where x could be 1 and y could be 255 to cover the whole range or use any other IP numbers, most usually 100 to 149.
    Hope nobody minds me meddling in this one.

    Message Edited by zasuiteuser on 11-13-2008 11:13 PM

  10. #10
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Firewall and home network?


    <blockquote><hr>zasuiteuser wrote:
    I think ZA free is different (the subject ofthis thread). At least older versions.
    ZA automatically detects the IP of the computer as Adapter subnet, not LAN, so a listing might be 192.168.2.x/255.255.255.0. ZA puts it in the Internet zone on installation, which needs to be changed to trusted. They do not add the normal LAN broadcast range as we see in the paid versions, though the zero at the end of mask implies they do, and I'm fuzzy on that one.
    Individual IPs must be added either one by one, or as a range 192.168.2.x to 192.168.2.y
    where x could be 1 and y could be 255 to cover the whole range or use any other IP numbers, most usually 100 to 149.
    Hope nobody minds me meddling in this one.

    Message Edited by zasuiteuser on 11-13-2008 11:13 PM
    <hr></blockquote>
    Actually ZA free does not detect the computer's own IP as the Adapter's address, but it detects the dhcp server as the adapter's address.
    One of it's quirks (like some others from years ago).
    Unfortunately as you say there is not any Blocked Zone - just Trusted and Internet zone.
    However the Internet Zone will still stealth the computer (from other lan connected comouters) and still not allow file/printer sharing or allow any unwanted outgoing connections to these IPs (incoming connections will be blocked anyways).
    So the Free is still a very effective firewall without much drama or any other required extra settings.

    As for the lack of range in the ZA Free for the LAN- it well known not being friendly for the ICS or file/printer sharing on a LAN (unless the other LAN computer's IP are individually and manually included as Trusted.)

    Oldsod.
    Best regards.
    oldsod

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •