Network Sharing with ZoneAlarm

Discussion in 'other firewalls' started by srfox, Sep 8, 2003.

Thread Status:
Not open for further replies.
  1. srfox

    srfox Registered Member

    Joined:
    Jul 25, 2003
    Posts:
    86
    Location:
    Los Angeles
    I have ZoneAlarm installed on my XP and 98 machines. I've always had problems accessing share files from the 98 machine, but now I have problems accessing the share files on the 98 machine. Does anyone know what settings might permit me to see the files in shared directories on 98 machine? I get you don't have permission to access. (I don't know if this has anything to do with it, but I have SAM accounts disabled).
    Also, I pass the shieldsup probe, but when I went to Sygate's test it said that port 1900 was open. And I have disabled the plug n' play.
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Well, first and foremost you need to confirm that file sharing works fine in both directions when you've completely shutdown Zone Alarm on both machines. Since you did not specifically say that you had tried that (above), I have to start by suggesting that.

    Next, for file sharing to occur on your LAN without Zone Alarm blocking it, you need to have all the IP addresses of the LAN in the Trusted Zones of both Zone Alarm configs, including your gateway (router?). In ZA, I'd add those addresses and also look for the entry in the Firewall panel > Zones tab that has the entry/type of 'Network' and set that to Trusted as well. The Trusted Zone slider in the Firewall panel should also be set to Medium on both machines.

    You haven't said what the configuration of your network is. I'm assuming it's off a router. If so, then the router is responding to the Sygate port scan on 1900, not your local systems. If your network setup is different than this, let us know.
     
  3. srfox

    srfox Registered Member

    Joined:
    Jul 25, 2003
    Posts:
    86
    Location:
    Los Angeles
    Network setup is just use DHCP and other machines share internet through network configuration. I tried resetting it to one of the other configurations(pacbell) and the parent of pacbell to use as access, but I couldn't get it to work. The IP address is constantly changing for router as it is non-static. I tried disabling the firewall on 98 machine and I did add each IP on both machines to the trusted zones. I don't know what to use for the router. If you need specific information on my network config, let me know. I didn't initially set it up. Some one else did. Although I've had some training on networks and setting up networks I wouldn't say that I'm experienced enough. I would rate myself on networks as a little bit beyond a beginner. Like the registry I've still got a lot to learn. The default gateway is 192.168.1.1. I haven't set this in trusted zone. I set the others with the subnet 255.255.255.0.
     
  4. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi srfox

    Instead of individual IP's, try adding the subnet to the trusted zone: 192.168.1.0/255.255.255.0 and see if that works. If you are using NetBIOS on the LAN, the UDP portion will involve broadcasts and those will have to be allowed.

    Regards,

    CrazyM
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Well first, did you test file sharing with ZA turned off on both systems at the same time? And does it work in both directions completely? If not, ZA is not the problem.

    Next, the address that is changing on the router is its public (WAN side) one, as it is reassigned by your ISP. The address you need in the ZA Trusted Zone is the routers LAN (internal) address (192.168.?.?) Edit: Ah, as CrazyM said above, allowing it by that subnet should do it, too.

    Confirm that both ZA Firewall tabs have their Trusted Zones set to Medium security, too.

    Then, if you make sure that alerts and logging are enabled, you should try sharing operations and look in the log viewer to see if any block messages are being logged.
     
Loading...
Thread Status:
Not open for further replies.