PDA

View Full Version : Ghostwall blocks my activesync

emazur
December 18th, 2006, 12:52 PM
First off, I'd like to say thank you for making ghostwall freely available to the public.

I just did a reinstall of windows and decided to try ghostwall for the first time (I need a low-footprint firewall for this Win2k 800mhz / 320MB laptop). Using other firewalls I never had this problem, but after some frustration I discovered that ghostwall was the cause of activesync not being able to establish communication between windows & my smartphone via activesync 4.2 or 4.5. I didn't think to look there as I thought firewalls only affected internet traffic.

On MS page http://www.microsoft.com/windowsmobile/help/activesync/default.mspx it says this:
ActiveSync also uses the following ports for communication to/from these processes:


Inbound TCP:
990
999
5678
5721
26675

Outbound UDP:
5679

I wasn't sure how to figure out to set that up on ghostwall so I wound up uninstalling it. I saw the only thing being blocked in the ghostwall gui stats was UDP, so I inputted 5679 as the outgoing port, with the associated things as "any" and "allow" but it didn't make a difference.
Hermescomputers
December 18th, 2006, 08:31 PM
Make sure all your Local loop (Localhost) port traffic is also enabled for the application to perform self talk.
emazur
December 18th, 2006, 09:25 PM
Localhost has nothing to do with ghostwall right? It seems to be configured correctly, since after I uninstalled ghostwall activesync has worked fine
Hermescomputers
December 18th, 2006, 10:24 PM
-{ Quote: "Localhost has nothing to do with ghostwall right? It seems to be configured correctly, since after I uninstalled ghostwall activesync has worked fine" }-

Re-installing it probably re-activated the default rule for local hosts self talk. Also called loopback.
i.e.: Rules for (127.0.0.1) and (0.0.0.0)

Remember to close port 0 & 1 after a fresh re-install. (check via GRC.com or auditmypc.com for those ports to see if they are closed and shielded).
arrrghhh
April 28th, 2007, 04:55 PM
yea activesync does some weird things with ports. instead of opening all those ports, i just allowed the remote ip 169.254.*.*, all protocols/ports incoming/outgoing. worked like a charm. windows creates an automatic private ip address, so by allowing this address to go thru will allow your phone to communicate with your computer with one easy line in ghostwall. good luck.

oh and firewalls affect all network traffic, local and global. you're forgetting that you have a local network now with your phone.