Jetico - how to allow LAN pcs to connect?

Discussion in 'other firewalls' started by Billy Goat, Jun 25, 2006.

Thread Status:
Not open for further replies.
  1. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    Hi, everyone.. first time posting, after reading some great tips in this forum.

    Jetico is working great, but I cannot connect to any of the other machines on my home LAN unless I choose "Allow All" or "shut down firewall". When I do either of those, I can connect instantly to the other machines on my home LAN.

    I am new to rule-based firewalls, after several years using Zone Alarm and really want to stay with Jetico PF. I need to find a fix and it is probably something simple that I have overlooked due to my inexperience.

    Jetico's support emailed me with a tip but it did not work: "In "System Internet Zone" table you can find "Allow incoming UDP broadcasts" rules. Try to swich them on."

    I tried it, it did't work. I even tried a tip from the forum that said to remove the checkmark from "stateful inspection" on the protocol section of a couple of items, regarding TCP and UDP, but that did't work either.

    Thank you in advance for any help that can fix this problem and help me understand it. :)
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
  3. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    Thanks for the URLs, Mrkvonic... unfortunately, they are the same tips that I had already tried and they did not work. I just tried them again and still no success. :(

    The only clue I have, but no idea how to fix it, is that when I try to access my other LAN machines while in Optimum Policy, is that there is a lot of activity in various tables around the "Block all Not Processess Packets" rules.

    I tried removing those rules and tried amending them, but still could not access my other machines. the only way I can access my other machines is by either turning the firewall off completely, or by using "Allow All" policy.

    Anyone have any ideas other than those URLs that Mrkvonic posted? Many thanks in advance for any help you can give this rules-based newbie. :)
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Are you allowing netbios? ports 137-139 (check your log to see if these comms are being blocked)
     
  5. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    I am not sure.... currently the log is only logging things like when I change from one policy to another (ie: from Optimum Policy to Allow All and back again)

    I don't know on what rule to enable logging, so I can see if I am allowing or blocking NetBios ports. Where would I do this?

    Sorry, I am new to rule-based firewalls and JPF is working perfectly for me with this one exception - not being able to access the other LAN machines unless I choose "Allow All" or "shut down firewall".

    Thanks for any help you can offer me :)
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Lets take the easy route on this, as it sounds like you may of blocked this at some point.
    Go to: Start / all programs / Jetico personal firewall,.. and click on "configuration Wizard" When the wizard opens press "next",.. this will then show the "Trusted Zone". Ensure that the IP`s on your Lan are entered. (I take it that your home Lan is behind 1 router, so all your PC`s should be covered by one entry,.. something similar to 192.168.1.0/24 (this covers the IP range of 192.168.1.0-192.168.1.255),... but of course this entry would depend on your router IP). If you can confirm all your PC IP on your Lan are within the trusted zone,.. we can move on,.. OR,.. If they are not, then enter these IP`s. close the wizard, and try to connect to the other PC`s

    Next to see if you have somehow blocked netbios,... Open Jetico, select: File / open,... in the window that appears, browse to the Jetico config folder (default installation is at: Program files / Jetico / Jetico Personal Firewall / config) then select Optimal.bcf and click "open". This will load a new default "optimal Protection". Once loaded, right click this and select "Apply policy" Then try to connect to the other PC`s.
     
  7. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    Hi Stem :) Thank you very much for the info and tips in your post - I am going to try your suggestions this weekend when I have some time to sit and play with the program.

    All my machines are behind a firewall wireless router (Dlink) - the wireless router is connected by network wire to one of the pcs on my lan. The other two machines are a laptop and a pc (both using wireless cards). All three machines using Win98SE

    Jetico support have also been trying to help me - God bless them, you don't often get support from a free software, but they are willing to help out and they have been in touch a couple of times over the past week and asked me to send them my Config files, which I did yesterday.

    Your info, Stem, sounds like it may get to the root of my problem and I will post again after I check it out at weekend. :)
     
  8. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    Hi Stem :) I followed your instructions carefully... my IP#'s where in the "wizard", so I moved onto the second part - loading a new default Optimum Policy.

    I encountered the same problem using this new Optimum Policy... there seems to be a lot of activity in the Protocols Table, specifically with the rule "Block all Not Processed Packets"... I think this rule may be blocking my LAN access by default, even in the "default out of the box" Optimum Policy.

    I even activated the "Allow incoming UDP broadcasts" rule in "System Internet Zone", as advised by the Jetico support email, but still no luck.

    If all else fails, I will just have to switch to "Allow All" policy while accessing my other machines, then switch back to "Optimum Policy"

    Thanks again Stem and Mrkvonic for your help... and to all posters throughout the forum for your awesome tips and info :)
     
  9. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    Sorry guys.. I meant to say "My IP#'s WERE in the wizard window".... used the wrong version of "WHERE/WERE/WEAR" LOL ;)
     
  10. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi Billy Goat,
    Wireless Router:- this is new info from you.
    Is Jetico installed on all PC`s (wired/wireless)?
    For wireless PC`s there may be a problem with the rules (this will depend on you wireless config). For a quick test, open Jetico "Root /protocols Table", here you will see 3 rules,.. one for "ARP", one for "802.1x", and one to "Block All not Processed Protocol Packets", I would like you to edit this last rule so it will log the blocked packets,...double left click the rule, under the heading "log level" this will open the rule, and change the log Level to "Notice", then o.k. the rule. Then try to connect from this wireless PC. Once you have made the attempt, check the log for blocked packets.
    Please post details of any blocked packets.

    EDIT:
    You could simply untick the "Block All not Processed Protocol Packets", and you should then be prompted for any new protocol rule needed while you are trying to connect (ensure you are not connected to the internet at this time)
     
    Last edited: Jun 30, 2006
  11. Billy Goat

    Billy Goat Registered Member

    Joined:
    Jun 24, 2006
    Posts:
    7
    Jetico is only installed on my laptop... the other machines (both desktops) are both running Zone Alarm Free Version. I used to have ZA Free on this machine, too, and had no problems with LAN access.

    When I enabled the log on that last rule, it crashes my machine. but I did get to see the logged items briefly... the packets being blocked are "NetBEUI 802.3 LLC"

    I have tried unchecking every instance of "Block all Not Processed Packets" and even deleted those rules at one point, but that did not give me LAN access and did not prompt me for anything.

    I even tried adding a rule to allow NetBEUI 802.3 LLC packets (I forget where I put it) but it didn't fix the problem, so I reverted back to the original "factory" settings.

    Thanks again for taking time to try and help me with this, much appreciated :)
     
  12. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    First you will need to enable netBEUI on all of your PC`s, Instructions for win98 here
    You will then need to add a rule to allow the netBEUI, in Jetico this is in the Protocols table

    EDIT:
    I should of mentioned:- netBEUI framing: [rule to allow netBEUI = for wired connection] / [rule to allow netBEUI 802.3 LLC = for wireless connection]
     
    Last edited: Jul 1, 2006
Loading...
Thread Status:
Not open for further replies.