Internet Connection Sharing

Discussion in 'ESET Smart Security' started by teemo10, Apr 12, 2009.

Thread Status:
Not open for further replies.
  1. teemo10

    teemo10 Registered Member

    Joined:
    Apr 8, 2009
    Posts:
    2
    I searched for this on the forum, but could not find anything related/similar. Please guide me to such a post if I've missed it.

    I use windows XP on my PC and on my laptop, and my pc connects to the internet using a 3G modem, I then turn on internet connection sharing on my pc, to allow my laptop to connect to the internet.

    So the setup is basically:

    1. PC connected to internet through 3G modem, with ICS turned on ->
    2. Router connected to my PC (and works as an access point)
    3. Laptop connects to wireless to get internet.

    Now this setup works fine at all times, provided one condition. Turn off any 3rd party software firewalls. I tried Norton, Macafee, Panda and now ESET. If there is only the windows firewall, things work fine. As soon as I turn off the ESET firewall (completely disable it) everything works fine. As soon as I turn it on, I get no internet on my laptop (i.e. The internet is working on my pc, my laptop is connected my wireless, however i can't access the internet/websites on my laptop).

    My question obviously is, how can i get ICS and ESET firewall to work together?

    Any help would be much appreciated, and thank you in advance.

    Tamer
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hello Tamer, welcome to Wilders,

    The ICS LAN address (usually 192.168.0.1/255.255.255.0) should be placed in the trusted zone to allow the unsolicited inbound. You should then re-boot the router.
    To enable comms for the DNS server on the PC, you will need to set the firewall first to interactive mode (if not in that mode already), then when the ICS LAN is up, attempt to connect out through your laptop. You should get a popup similar to the one below. I expanded the rule and added the local port.

    in.jpg

    You should then get a popup for outbound as below. I expanded the rule and set the remote computer as "Trusted zone" and local port.

    out.jpg

    If you where in automatic filtering mode before, then change the mode to "Automatic mode with exceptions"
    You should then be able to connect out from the laptop.


    - Stem
     
  3. teemo10

    teemo10 Registered Member

    Joined:
    Apr 8, 2009
    Posts:
    2
    Thank you for the prompt reply.

    "The ICS LAN address (usually 192.168.0.1/255.255.255.0) should be placed in the trusted zone to allow the unsolicited inbound. You should then re-boot the router."

    I have tried to implement the above in several ways, and failed. Under "Zone and rule setup" -> "Zones" tab, I select "Trusted Zone" and click on the edit button. I tried adding the address:

    1. Using a "Subnet" but after entering 192.168.0.1 in the "Address" field and 255.255.255.0 gets automatically filled in the "Mask" field. After pressing ok, the address added atomically becomes 192.168.0.0.

    2. Using a "Single Address" (192.168.0.1), which worked but made no difference.

    3. Using a "Address Range" (192.168.0.1 - 192.168.0.128 ), also made no difference.

    By made no difference I mean, I never got the alert messages mentioned, asking me to allow communication. I also had my firewall filtering mode in "Interactive mode", which resulted me in seeing some alert messages for local applications, but never anything about remote communication.

    Unfortunately I'm back to disabling the firewall, till this issue becomes resolved.

    Waiting any further assistance.
     
    Last edited by a moderator: Apr 13, 2009
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi,

    Adding the the LAN as 192.168.0.0/255.255.255.0 to the trusted zone is correct:

    2009-04-13_170017.jpg

    If you then re-boot the router, the router should then get its IP from the ICS.

    You may have to check the ESS firewall log to see if the firewall is blocking the routed comms, if it is, then you will need to go to the advanced settings and disable the "Block unsafe address after attack detection"

    2009-04-13_172905.jpg

    ICS does work with ESS, I currently have this set up.


    - Stem
     
Thread Status:
Not open for further replies.