Router Firewall problem.....

A

Alan Moore

Guest
Recently took the plunge and got broadband at home through Eircom who sent me out a Netopia modem/router - 3547W ( the wireless one ). Its all working fine expect that I don't seem to be able to use WinMx or other file sharing programs anymore. Have read up on the internet that this is likely due to the fact that the router has a firewall and this needs to be turned off. Have Norton and it seemed to work okay before I got the router.

Now the solution according to Netopias site and some forums is the open up explorer and change the settings by browsing Netopias web interface at http://192.168.1.254. (192.168.1.254.) However when I try this I get nothing and it times out saying the gateway is not contactable. Rechecked the address by way of ipconfig and it seems to be correct.

Any ideas?
 
Have read up on the internet that this is likely due to the fact that the router has a firewall and this needs to be turned off.

I thought that the firewall was an optional add-on to that Netopia device and is not included by default when shipped by eircom? I.e. to enable it you have to buy an additional Netopia license key.

Now the solution according to Netopias site and some forums is the open up explorer and change the settings by browsing Netopias web interface at 192.168.1.254. However when I try this I get nothing and it times out saying the gateway is not contactable. Rechecked the address by way of ipconfig and it seems to be correct.

What are the TCP/IP settings (i.e. the output of iconfig /all) on the host PC from which you are attempting this connection?

Presumably you have connected the USB 802.11 wireless interface to the host PC so that it can contact your Netopia Access Point? If so then it should be getting a DHCP lease from the device and should probably be 192.168.1.1 or something like that. If it's not then your PC is not on the same network as the Access Point and that's the initial cause of your problems.

Does that make sense to you?
 
Mmmm

Thanks Clubman. Makes some sort of sense. Wouldn't be an IT expert but can normally find my way around with a little help from google.

The IP address is 192.168.1.1 as far as I remember.

"Presumably you have connected the USB 802.11 wireless interface to the host PC so that it can contact your Netopia Access Point?" - Yep all connected up, have no problems with accessing the www or e-mail. I just have this problem with file sharing. DHCP Lease? Now that is sort of double dutch to me. But assume it refers to the IP address.

Problem. When trying to download a file now using WinMx, I used to get a "negotiating with server". Now I get a "waiting for network reply" which eventually times out. Have tried E-Mule as an alternative but having the same problems.
 
Re: Mmmm

DHCP Lease? Now that is sort of double dutch to me. But assume it refers to the IP address.

Sorry - the Netopia device includes a DHCP (Dynamic Host Configuration Protocol) server which issues ("leases") IP addresses to other hosts on the LAN. If your PC is 192.168.1.1 and other stuff works OK anyway then chances are it is getting its TCP/IP configuration settings correctly from the Access Point. One way to check is to do ipconfig /renew on your host PC and see that it renews the DHCP lease. It should get the same IP address anyway but no errors certainly means that you are getting a DHCP lease from your Access Point's DHCP server (well hopefully yours and not your neighbour's or somebody else's! ;) ).

When trying to download a file now using WinMx, I used to get a "negotiating with server". Now I get a "waiting for network reply" which eventually times out. Have tried E-Mule as an alternative but having the same problems

I am not really that familiar with peer to peer filesharing applications such as WinMX seems to be but I presume that they need to send data out on a particular port as well as accept inward connections on other ports. It's possible that to do the latter you need to configure certain aspects of your Access Point such as the firewall (if enabled) and/or port forwarding or the like. This might well be the root of your problem if the only applications affected are P2P filesharing applications.

One way to check which ports are open is to use the ShieldsUp! firewall tester on the Gibson Research site (scroll down to the Hot Spots section and click on the ShieldsUp! link).

On a separate note, bear in mind that the Netopia Access Point as it arrives from eircom is not configured for security and you might be as well to review the relevant settings (e.g. change the Access Point's administrator password, disable remote administration mode, disable SSID broadcast, lock access down to the MAC address(es) of your home PC(s), enable WEP encryption etc.). Otherwise it's quite possible that anybody in the vicinity of your home could access your LAN and/or broadband connection wirelessly.
 
Thanks Clubman....

....thats my homework for the night.
 
Re: Thanks Clubman....

Best thing to do is tackle things in this order:
<!--EZCODE LIST START--><ol><li>Find out why you can't access the Netopia control panel by entering http://192.168.1.254 (192.168.1.254) into your browser address bar.</li><li>Research the LAN/router/firewall etc. requirements for P2P filesharing applications a bit more</li><li>Implement any firewall/port forwarding etc. changes that you need for P2P filesharing at your Access Point</li><li>Deal with the security issues when you have sorted the other stuff out (personally I would do this first but you might want to defer it).</li><li>Test your LAN security with ShieldsUp!</li></ol><!--EZCODE LIST END-->
 
Still at a loss as to why....

.....I can't access the Netopia control panel by entering 192.168.1.254 your browser address bar. Read the documentation which came with the router. It says to clear the address bar and put in http://192.168.1.254 (192.168.1.254) but still says can't reach the gateway.

Had a notion on the 46A this morning that maybe its timing out without giving the router a chance. Any other notions appreciated.
 
Re: Still at a loss as to why....

Can you post the output from executing ipconfig /all in a DOS command shell on your desktop PC please? In particular it would be interesting to see what your PC's default gateway setting is.

If accessing the Access Point's web based configuration console is the priority then presumably you could connect the PC to the Access Point directly via one of the four 10/100BaseT at the back using a standard CAT5 cable? (If I recall correctly this device includes a 4 port 10/100BaseT hub).

Had a notion on the 46A this morning that maybe its timing out without giving the router a chance.

Maybe what is timing out? The PC/browser end of the connection? Realistically if things are working properly then timeouts should not be a factor.
 
Re: Still at a loss as to why....

as previously stated, use ip config /all from a dos window to check your net cards settings
the default gateway is your router

if inet explorer does not work try telnet

oped a dos window
telnet 192.xxxxxxxx

it couild be that the web interface is not turned on which is an option with some routers
 
Re: Still at a loss as to why....

Cheers Clubman & Eamonn66. Will do later on or perhaps tomorrow if Christmas lunch turns sloppy.
 
This is what I'm looking at when I run ipconfig....

Any notions

Windows IP Configuration


Ethernet adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::202:78ff:fee7:b e9%5
Default Gateway . . . . . . . . . : 192.168.1.254

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : fe80::5445:5245:444f%4
Default Gateway . . . . . . . . . :

Tunnel adapter Automatic Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.1%2
Default Gateway . . . . . . . . . :



When I run Telnet 192.168.1.254 I get the following

Terminal shell v1.0
Copyright ⌐2004 Netopia, Inc. All rights reserved.
Netopia Model 3347W Wireless DSL Ethernet Switch
Running Netopia SOC OS version 7.3.3 (build r0)
Multimode ADSL Capable
(Admin completed login: Full Read/Write access)

Netopia-3000/15342872>
 
Re: help

Some of the details above seem to have come out garbled - in particular some of the IP addresses don't seem to have replicated correctly and I'm not sure why the MAC (Medium Access Controller addresses don't seem to be listed). At least the gateway address is correct. Do you know what those "tunnel" adapators are?
 
Re: help

If they are enabled then try turning off the proxy settings temporarily in your browser window and trying to browse again.

Sometimes there can be a bit of confusion (or misconfiguration) when you are trying use a proxy to access machines on the same network as yourself. In this case you are trying to access the machine that the proxy process is running on.

The fact that you can telnet means there is no inherent connectivity problem. Remaining options include something (like your browser redirecting to a proxy) stopping the web traffic between the two machines or perhaps there might be no web interface running on the netopia. I reckon the proxy settings are the problem. If the web interface is turned off then you will have little option but to telnet in and turn it on, but this assumes you a) have the password and b) know the commands.

z
 
Re: help

Good point Zag. Another test might be to run telnet 192.168.1.254 80 to connect to the web port (port 80) of the Access Point. You may need to hit return/enter a few times but if you get something back (most likely the raw HTML of the Access Point's web configuation interface main page then things are working OK and the proxy configuration could well be the cause of problems when trying to connect the browser to the web configuration front end.
 
Thanks for the tips...

But its a case of 1 step forward , two steps back.

Have managed to get the web interface going by rebooting the router via telnet. A lot of sites seem to suggest port forwarding but winmx is still not letting me download. I'll keep at it. Have tried some of the suggestions above but not making a breakthrough.

The two steps back. I have changed some settings which appear to be affecting the download speed. IE seems to be slower finding sites but once it does the speed is okay. For example, it might take 10 secs to find AAM but once in I can move around fairly quickly. Is there a simple way to reset the windows lan settings to what they were?
 
Got...

Limewire to work. Seems to be as good as WinMx so that problem is solved. Now I just need to get my internet back up to speed. Methinks it might be something to do with protocol but not sure.
 
Re: Got...

Delays finding sites and then good throughout when you find them is normally down to DNS issues.

What happens is that your machine needs to translate www.askaboutmoney.com into an IP address like 1.24.30.75 and then make the connection to that IP address. A bit like the way you don't ring George Bush - you look up his number in a phone book and then ring the number for George Bush. The problem comes about when the first place you look doesn't know the answer but doesn't tell you this. Your machine then waits 10 seconds or so and tries the second entry on the list - this comes back with an answer straight away and your machine then connects to the destination.

Check your DNS entries against those that your ISP recommends and make sure they are pointing to the correct place. If you are using a proxy then it is the proxys DNS settings you need to modify.

z
 
Re: Got...

Thanks Zag.

Not so sure. The DNS settings are automatically set by the ISP ( eircom ). In the instructions provided by eircomom they suggest to set "Obtain IP address abd DNS server address" to automatic which I have. When I look at the automatic settings they seem to tie in with eircom.
 
Re: Got...

Yes *BUT*

Have you checked the DNS settings on the netopia ? eircom may well have set it for you, but you said above that you changed a few things - maybe you unset it.

I restate my earlier statement - delays getting to a site for the first time in a session followed by good throughput indicate DNS problems.

My netopia sends me out a DHCP config which points my DNS resolver at the netopia. My netopia knows nothing about DNS, so it forwards on the requests to the main eircom DNS servers which either know the answer or know which DNS server to ask to get the answer and the answer eventually gets back to me. If the first device I ask has a dud entry in its list of servers to forward to then I have to wait for the request to time out before the device asks the correct DNS server.

Check your netopia web page and see what values you have for DNS-1 and DNS-2

z
 
You must log in or register to reply here.
Back
Top