Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.



Troubleshooting Q&A - July 29, 2005

Two Firewalls Too Much of a Good Thing

One Internet connection and two computers each running firewall software can mean PCs that refuse to talk to each other. Here's an easy way to break down walls. Plus, diagnosing the cause of a dysfunctional wireless network.

By Ron Pacchiano

Q. I recently purchased a new PC and moved my old PC into the kids room. We have only the one printer and the kids needed access to the Internet anyway, so I decided to setup a small network to give them access to these things. It went smoothly except for one small problem. For some reason I can't seem to access either PC without first disabling my ZoneAlarm firewall. When the firewall is disabled, everything works fine. However, the moment I turn it on I lose all conductivity with the other PC. I don't understand why I have to disable my firewall in order to access my new PC. What am I doing wrong? Any suggestions you have to fix this would be helpful. Thank you.

A. Regardless of whether you're using a software firewall like ZoneAlarm's or a hardware firewall, all are designed to do essentially the same thing — protect your network from unauthorized access. In order to do this, the firewall needs to be placed between the network (LAN) and your Internet (WAN) connection. This placement allows the firewall to examine all incoming WAN traffic before it can make it onto your network. Any traffic not recognized by the firewall will be discarded. Since the firewall is supposed to be acting as a gateway to your network, all traffic moving behind it is considered to be trusted by the network and allowed to move freely between workstations.

If, however, you were to use the ZoneAlarm Firewall on both of your workstations, each system would in essence become a LAN. So even if they shared a workgroup name, they would still be unable to gain access to one another because the firewall is seeing the data request as originating from outside of its own network. To get around this you either have to one of two things:

  1. Get rid of the ZoneAlarm firewall on each PC and just rely on your router's hardware based firewall to protect you (which is fine, by the way)
  2. Define rules within the firewall software that grant each PC full access to the other. This tells the firewall that it's OK for traffic to pass back and forth between these two systems. The ZoneAlarm documentation should give you the information you need to successfully configure that or you could try contacting their tech support group and they should be able to walk you through it.

Personally, if I were you, I would just be to disable the software firewall altogether and just stick with the hardware one. In my opinion it's the easiest, simplest and quickest solution.

Q. I have two computers that I would like to network using a wireless connection. Both computers are using Windows XP Home Edition and are equipped with D-Link DWL-122 USB wireless adapters. The drivers for the wireless adapters have been installed and are listed as working in the Windows Device Manager on both systems. There is even a green "D" near the clock that indicates that the system is online. Yet in spite of this, the PCs can't seem to communicate with one another. The systems don't display in Network Places, I can't reach any of my share folders and, to top it off, I can't even ping from one PC to the other. I'm at a loss to explain this and don't know what to do next. Do you have any idea what might be wrong and what would be the best way for me to go about correcting it? Thank you.

A. Trying to network two PCs can sometimes be frustrating — especially if you're not overly familiar with the basic networking principals. For instance, if you can't ping either PC, then you might as well stop trying anything else because something is fundamentally wrong with your current configuration. The only time when a PC wouldn't respond to a ping and was configured correctly would be if you had a firewall running on that PC that was specifically set to not respond to the Ping command. Also, just because the D-Link utility is showing that the system is online doesn't necessarily indicate that your network is configured correctly. It just means that the card can see the presence of another wireless adapter or access point.

Also, you didn't mention if these two PCs were going to be connecting to each other directly or if there was a router or access point involved. This makes a big difference in how the wireless adapter needs to be configured. If they are communicating directly with each other in a peer-to-peer network then the wireless adapters need to be set to broadcast in Ad-Hoc mode. If, on the other hand, a router or access point is being used, then you'll need to configure the network interface cards (NICs) to operate in Infrastructure Mode.

With that out of the way, we can start configuring your network. First, you'll need to double-check your IP settings. In a peer-to-peer environment (one without an access point or wireless router) you should make sure that both PCs are using a static IP address and share a common subnet mask. A typical example for this would be to give PC1 an IP address of 192.168.0.2 and PC2 an IP address of 192.168.0.3. 192.168.0.1 would usually be reserved for the wireless router. Then each PC would be given a Subnet mask of 255.255.255.0. If you're using a wireless router, then there is a strong possibility that the router is handling the IP address assignments dynamically via DHCP. However, you should still double-check the settings just to be safe.

Next, check to see if both computers are members of the same workgroup. Also, verify that both wireless cards are configured to use the same wireless settings. They should share a common SSID (just like the workgroup name) and they should be transmitting data on the same channel.

To make things easier on yourself, I would also disable any WEP encryption you currently have in place. I understand that you want your data to be secure, but WEP can add a level of complexity to the network configuration that you just don't need right now. Once you have conductivity between your two systems, then you can worry about securing them with WEP. When you do finally enable it, take your time and ensure that WEP settings on both cards are set to the same encryption level (64-bit, 128-bit, and so on) and are using identical encryption keys. If you follow these steps you should find yourself online in no time. I hope this helps.

Use our feedback form to submit your questions on home or SOHO networking issues. Please be as specific as possible. We cannot guarantee to answer every question we get, but we’ll consider them all.



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums