firewall config - Tilted Forum Project Discussion Community

Prince · 08-18-2006, 03:08 PM

I prefer to use at least some kind of firewall. For a while, I've been relying on my router's firewall, with the addition of Windows Firewall... However I've run into some issues that are forcing me to find an alternative way, and I am having trouble with it.

Essentially, I have trouble configuring a firewall. I am using an application which requires a wide range of open ports for communication across the Internet. Wide as in 50000-65535. My router's firewall does not allow opening a range of ports, which renders the application unusable. So, I "dmz'd" as best as I could the router's firewall, and set up ZoneAlarm, since I don't believe Windows Firewall allows opening port ranges either. At least I didn't see such an option when I looked it over. I'd rather use Windows Firewall but I don't know if it can do what I need it to do.

However, if I use the recommended setting for Internet, the High security setting, I can't even browse the Internet. Medium setting works, but I hate feeling like I am jeopardizing something security-wise.

Furthermore, I am feeling uneasy as to what ZA is considering to be the Trusted Zone. When I installed it, it identified a "network" which I assumed was the LAN (consisting of this computer (XP) and the 2nd computer (2K). I assigned that as the Trusted Zone because these two computers share folders and printers... I hope I did right.

I'm sorry if this isn't making much sense but I'm not really used to dealing with firewalls. In the years past I've pretty much gone with default settings with whatever I've been using, so long as it has worked. I think this time around a lot more tweaking is needed.

This is the scenario:

Two computers, one is a DELL running XP Pro, the other is a COMPAQ running Windows 2000 Advanced Server (My father-in-law's old copy, he didn't need it anymore and I don't have the workstation version so I'm running that as a desktop OS). Both are connected to a Zonet ZSR0104CP router, which is then connected to a cable modem, Arris TM402G/110. The Arris, as far as I know, doesn't have any firewall capabilities. The router DHCPs the two comps from a range of two possible IPs. The Zonet doesn't have firewall set up because its firewall cannot be configured correctly for an application on the DELL to be able to function.

The DELL is running ZoneAlarm. The COMPAQ at the moment has no firewall configured. Then again it is a server OS so I'd assume it's relatively locked down by default.

Some questions:

1. Does the COMPAQ need to be running its own firewall application?

2. The Trusted Zone in ZoneAlarm is specified as 192.168.1.0. 192.168.1.1 is the router...what does 192.168.1.0 refer to?

Since installing ZoneAlarm, web browsing has gotten slow, and I am getting server response failures for no reason.

I feel like this is unnecessarily complicated. If you have any suggestions as to how make this simpler, I welcome the input.

08-18-2006, 03:08 PM	#1 (permalink)
Prince /nɑndəsˈkrɪpt/ Location: LV-426	firewall config I prefer to use at least some kind of firewall. For a while, I've been relying on my router's firewall, with the addition of Windows Firewall... However I've run into some issues that are forcing me to find an alternative way, and I am having trouble with it. Essentially, I have trouble configuring a firewall. I am using an application which requires a wide range of open ports for communication across the Internet. Wide as in 50000-65535. My router's firewall does not allow opening a range of ports, which renders the application unusable. So, I "dmz'd" as best as I could the router's firewall, and set up ZoneAlarm, since I don't believe Windows Firewall allows opening port ranges either. At least I didn't see such an option when I looked it over. I'd rather use Windows Firewall but I don't know if it can do what I need it to do. However, if I use the recommended setting for Internet, the High security setting, I can't even browse the Internet. Medium setting works, but I hate feeling like I am jeopardizing something security-wise. Furthermore, I am feeling uneasy as to what ZA is considering to be the Trusted Zone. When I installed it, it identified a "network" which I assumed was the LAN (consisting of this computer (XP) and the 2nd computer (2K). I assigned that as the Trusted Zone because these two computers share folders and printers... I hope I did right. I'm sorry if this isn't making much sense but I'm not really used to dealing with firewalls. In the years past I've pretty much gone with default settings with whatever I've been using, so long as it has worked. I think this time around a lot more tweaking is needed. This is the scenario: Two computers, one is a DELL running XP Pro, the other is a COMPAQ running Windows 2000 Advanced Server (My father-in-law's old copy, he didn't need it anymore and I don't have the workstation version so I'm running that as a desktop OS). Both are connected to a Zonet ZSR0104CP router, which is then connected to a cable modem, Arris TM402G/110. The Arris, as far as I know, doesn't have any firewall capabilities. The router DHCPs the two comps from a range of two possible IPs. The Zonet doesn't have firewall set up because its firewall cannot be configured correctly for an application on the DELL to be able to function. The DELL is running ZoneAlarm. The COMPAQ at the moment has no firewall configured. Then again it is a server OS so I'd assume it's relatively locked down by default. Some questions: 1. Does the COMPAQ need to be running its own firewall application? 2. The Trusted Zone in ZoneAlarm is specified as 192.168.1.0. 192.168.1.1 is the router...what does 192.168.1.0 refer to? Since installing ZoneAlarm, web browsing has gotten slow, and I am getting server response failures for no reason. I feel like this is unnecessarily complicated. If you have any suggestions as to how make this simpler, I welcome the input. __________________ Who is John Galt?