ZA + uPnP (split posts)

Don't recall asking for an opinion on an id used elsewhere?

Many posts ago offered Fax and gre87y an email address via PM so that personal differences would not clutter up this forum.

Fax and gre87y have not taken advantage of that offer.

 

LoL it was a Joke... forget about it.

I don't see the point of private e-mails.
This is an open forum, so for the matters related to the post... I would like to share my info with everybody. And if a user go offtopic, Stem is very quick in cleaning and splitting the posts in more thread.

More users --> more opinions, experiences, information.
If you wanted just Stem feedback then why using an open forum?

Cheers,
Fax

 

@Escalader, fax,

Lets please stay on topic.

I know the topic as digressed a little, but I would prefer to follow this to try and find the problem with ZA and the blocking of the DNS. Unfortunatly my test PC is not seeing this problem,... so I am going to install VM`s to see if I can reproduce that way.

@fax,
You mentioned about the windows time service being broken, and the fact you now use a different server for time sync. This I presume is UDP? if so, what rules are in place for this? What I mean is, if this is UDP and only outbound is allowed for this, is the inbound (returned packets) being blocked? or is that server set as trusted?

 

Hi!
unfortunately I am the process of moving to VISTA on the machine... so I don't have anymore the specifc logs and I don't remember what exactly was blocked (UDP, or whatever)... for the clock, I did not make any changes in ZA, just changed the server used by the service.

Thanks and sorry,
Fax

 

Hi fax,

OK,
Will you be installing ZA onto Vista? If so, when you do, could you re-check for the blocked DNS
TIA

 

Yes, Ok.. I will.

Fax

 

FYI: MS did a fix to the time service on XP 2 days ago.

 

Yes,..... can you look for any possible problems with this, what I need to see is any blocked outbound or inbound for this service (do I presume this still is UDP on ports 123?)

 

With this update the time.nist.gov sync failed when I tried to update,
as to UDP/123 I have no data on that.

 

Please explian,.. failed?

this was the udp for time server.

 

As before mine in red

yes, again I can't help with this one, sorry

 

The windows time is still using UDP port 123, but when ZA is installed, this does not work in my setup, on removing ZA, time sync works again.

 

time.windows.com and time.nist.gov will simply fail.
Try time-a.nist.gov and it will work...



Why would UDP be rejected for nist.gov and not for a-nist.gov. Is this a ZA issue?
Really don't know, didn't have yet the time to install a proper connection logger.

Fax

 

With ZA installed, yes it fails, with ZA uninstalled time sync works:-
I have just time sync now (UK time)

 

Did you tried with the server I have mentioned (and ZA active) and what is the difference in the call or in the response?
You will need to inspect the packets sent and received...

Fax

 

As I mentioned here, when ZA is installed there is no packet sent for time sync, and no log in ZA to show as blocked.

 

Delete the response by mistake... posting again.

Stem I know. I am trying to go beyond and understand why packets are blocked with some servers and NOT for others. What is the difference between the two? Do you understand the issue?

There must be an explanation that goes beyond "I have shut down ZA" and it works....

Fax

 

I think this is more of a case that time sync works in some setups with ZA and not in others.

I have been trying to put forward similar for the problems seen by some (not all) of DHCP/DNS problems, this should go beyond "Place the servers as trusted and it works"

 

ufff, waste of time... Did you actually tried to change the server? If not... you should say. "No I have not tried it" and "I don't know why it works with a server and not with another"...

Its like to talk to a rubber wall, anyway, good luck I am fade up with your attitude.

Fax

 

Guy's guy's this is just a technical matter so lets stay on topic

I tried Fax's time sync link see attached jpg's and you will see 1 fails and 1 is successful.

I did this test with ZA pro removed according to the rules provided!

Conclusion: Well one might think that this one is independent of ZA!

 

@Escalader,

The main point of this with the time sync (for me) is the fact that ZA silently blocks the outbound udp packet (on my setups). The server you place for the time sync is irrelevant, as for example, I can place "wilderssecurity.com" as the time server,.. yes,.. you would get a "Failed", but the outbound udp is still made to the server you place. With ZA installed there is no outbound time sync attempted(udp port 123) seen at my gateway, for whatever server I place for time sync.

 

Of corse you can put forward your own opinion of me, but when it come`s to facts you appear to have a problem.

I have seen quite a number of posts by yourself, that are inaccurate even misleading, I have put replies to correct these, but you are argumentative even insulting at times due to these corrections, even though your info is proved as incorrect.
My attitude to you as been earned by yourself.

 

ZA does NOT block UDP. Check your facts before posting.
This is specific to time.windows.com

Thus my follow up question: Why it fails on time.windows.com?
But if I have to post my question 5 times before you understand the issue. I state again "what a waste of time".

On the rest, no comment.

Fax
A screenshot of successful time sync, just to show you how it works...

 

I check all before posting. As I have stated, these packets are blocked on my setups. But my posting a log that shows no attempted outbound time sync proves nothing, and as ZA is not logging these blocked packets, these cannot be shown.
You did at first put forward these problems where due to the windows time sync being broken, as I have shown on my setup, time sync worked correctly untill I installed ZA.

As with your own setup, you say you have problems with DHCP/DNS when the servers are set to internet, I have posted logs to show there is no problem with this on my setups.

I can put forward further logs to show DHCP/DNS working correctly without a need to place the DHCP/DNS servers as trusted, but then you would put forward that in your own setup these do not work correctly.

As I have stated, there is a problem with ZA, there is some conflict/bug within ZA and the hardware in use, that is causing these problems. How many time do I need to state that?

I do find it strange that you put so much effort into this time sync problem, but make no effort into looking at your (and others) problems with the DHCP/DNS servers.

You keep posting info such as:-

As I have posted, without ZA installed, the service/server does not fail to time.windows.com but you have to keep trying to find workarounds for ZA, as you do for DHCP/DNS,.... these should work without the need for such workarounds.

 

Yes, you still missing the point... and you have not checked on other time servers. Unprofessional... For you everything boils down to hardware problems and setup + ZA bug.

This is not a hardware problem nor a "on my setup". DNS/DHCP are irrelevant.

I give up! Mission impossible.

Fax