Kerio 4.1.10 problem

Discussion in 'NZ Computing' started by mario, Feb 14, 2004.

  1. mario

    mario Guest

    I've installed Kerio firewall which I can't seem to get quite right.

    I have two computers networked via a switch. My connection is cable,
    running XP pro on both computers.
    Now with Kerio running I can browse my network and transfer files
    between the two computers no problem. I can surf the net from the
    computer that is connected directly to the net.

    The problem I have is that I can't surf the net from the other computer.
    As soon as I drop the firewall I can surf the net.

    Kerio picks up both network cards correctly.
    I've tried IP address/mask (192.168.0.1/255.255.255.0) and IP
    address/range (192.168.0.1/192.168.0.255) for the network card in the
    trusted area. The network card is manually fixed to 192.168.0.1.

    I get connection to..........then it times out.

    XP firewall is disabled.

    Any pointers would be gratefully accepted.

    mario
     
    mario, Feb 14, 2004
    #1
    1. Advertising

  2. mario

    Enkidu Guest

    On Sun, 15 Feb 2004 10:43:24 +1300, mario
    <> wrote:

    >I've installed Kerio firewall which I can't seem to get quite right.
    >
    >I have two computers networked via a switch. My connection is cable,
    >running XP pro on both computers.
    >Now with Kerio running I can browse my network and transfer files
    >between the two computers no problem. I can surf the net from the
    >computer that is connected directly to the net.
    >
    >The problem I have is that I can't surf the net from the other computer.
    >As soon as I drop the firewall I can surf the net.
    >
    >Kerio picks up both network cards correctly.
    >I've tried IP address/mask (192.168.0.1/255.255.255.0) and IP
    >address/range (192.168.0.1/192.168.0.255) for the network card in the
    >trusted area. The network card is manually fixed to 192.168.0.1.
    >
    >I get connection to..........then it times out.
    >
    >XP firewall is disabled.
    >
    >Any pointers would be gratefully accepted.
    >

    Have yopu tried lookingin the logs?

    Cheers,

    Cliff
     
    Enkidu, Feb 14, 2004
    #2
    1. Advertising

  3. mario

    mario Guest


    > Have yopu tried lookingin the logs?
    >
    > Cheers,
    >
    > Cliff


    Both network/system logs are empty.
    I'm no expert so even if they was something there It would be double
    dutch to me :).

    mario
     
    mario, Feb 14, 2004
    #3
  4. mario wrote:
    > Both network/system logs are empty.
    > I'm no expert so even if they was something there It would be double
    > dutch to me :).


    The Kerio logs?
    It may well be dropping packets from your internal machines too.

    --
    Http://www.Dave.net.nz
    Play Hangman
    Register, and play Space Invaders or Pacman.
     
    T.N.O. - Dave.net.nz, Feb 14, 2004
    #4
  5. mario

    Roger_Nickel Guest

    mario wrote:
    > I've installed Kerio firewall which I can't seem to get quite right.
    >
    > I have two computers networked via a switch. My connection is cable,
    > running XP pro on both computers.
    > Now with Kerio running I can browse my network and transfer files
    > between the two computers no problem. I can surf the net from the
    > computer that is connected directly to the net.
    >
    > The problem I have is that I can't surf the net from the other computer.
    > As soon as I drop the firewall I can surf the net.
    >
    > Kerio picks up both network cards correctly.
    > I've tried IP address/mask (192.168.0.1/255.255.255.0) and IP
    > address/range (192.168.0.1/192.168.0.255) for the network card in the
    > trusted area. The network card is manually fixed to 192.168.0.1.
    >
    > I get connection to..........then it times out.
    >
    > XP firewall is disabled.
    >
    > Any pointers would be gratefully accepted.
    >
    > mario

    Running Internet Connection Sharing?
     
    Roger_Nickel, Feb 15, 2004
    #5
  6. mario

    mario Guest

    Yeap, using XP to share my internet connection.
    Maybe sacrificing a chicken might help :).

    mario

    Roger_Nickel wrote:

    > Running Internet Connection Sharing?
    >
     
    mario, Feb 15, 2004
    #6
  7. mario

    Chris Guest

    mario <> wrote in
    news:1ywXb.24174$:

    > I've installed Kerio firewall which I can't seem to get quite right.
    >
    > I have two computers networked via a switch. My connection is cable,
    > running XP pro on both computers.
    > Now with Kerio running I can browse my network and transfer files
    > between the two computers no problem. I can surf the net from the
    > computer that is connected directly to the net.
    >
    > The problem I have is that I can't surf the net from the other computer.
    > As soon as I drop the firewall I can surf the net.
    >
    > Kerio picks up both network cards correctly.
    > I've tried IP address/mask (192.168.0.1/255.255.255.0) and IP
    > address/range (192.168.0.1/192.168.0.255) for the network card in the
    > trusted area. The network card is manually fixed to 192.168.0.1.
    >
    > I get connection to..........then it times out.
    >
    > XP firewall is disabled.
    >
    > Any pointers would be gratefully accepted.
    >
    > mario
    >


    Does your cable modem connect to the switch (i assume it does) or one of
    the PC's. IF it connects to the switch then I don't see why you would need
    the internet sharing conection enabled (I didn't using an ADSL Router
    connected to my switch) orthough I should point out I was running W98SE.

    I do know someone that has 3 PC's running Windows XP using ICS but the PC
    doing the sharing has 2 network cards - 1 connected to their Router, the
    other connected to their switch.

    In my setup I had Kerio installed on each PC with no ISC running.

    --
    Chris

    "Two men walk into a bar. You'd think the second one would've ducked..."
     
    Chris, Feb 15, 2004
    #7
  8. In article <1ywXb.24174$>,
    says...
    > I've installed Kerio firewall which I can't seem to get quite right.
    >
    > I have two computers networked via a switch. My connection is cable,
    > running XP pro on both computers.
    > Now with Kerio running I can browse my network and transfer files
    > between the two computers no problem. I can surf the net from the
    > computer that is connected directly to the net.
    >
    > The problem I have is that I can't surf the net from the other computer.
    > As soon as I drop the firewall I can surf the net.
    >
    > Kerio picks up both network cards correctly.
    > I've tried IP address/mask (192.168.0.1/255.255.255.0) and IP
    > address/range (192.168.0.1/192.168.0.255) for the network card in the
    > trusted area. The network card is manually fixed to 192.168.0.1.
    >
    > I get connection to..........then it times out.
    >
    > XP firewall is disabled.
    >
    > Any pointers would be gratefully accepted.
    >
    > mario
    >



    If you are using a NAT type forwarding software on the gateway machine,
    you will need to enable gateway mode on Kerio Firewall.

    Otherwise, use proxy forwarding software and the firewall will work as
    it is (my preferred option)

    If I am being too obscure, let me know and I'll elaborate tonight :)

    -Peter
     
    Peter Huebner, Feb 15, 2004
    #8
  9. mario

    mario Guest

    The cable modem connects to one of the pc's.
    So that computer has 2 network cards, one for the internet connection
    and one for the the local network. If I don't have ICS running then web
    browsing from the other computer doesn't work.

    So for some reason kerio is stopping the networked computer from web
    browing but doesn't stop it from transferring file between the two
    computers.

    mario

    Chris wrote:

    > Does your cable modem connect to the switch (i assume it does) or one of
    > the PC's. IF it connects to the switch then I don't see why you would need
    > the internet sharing conection enabled (I didn't using an ADSL Router
    > connected to my switch) orthough I should point out I was running W98SE.
    >
    > I do know someone that has 3 PC's running Windows XP using ICS but the PC
    > doing the sharing has 2 network cards - 1 connected to their Router, the
    > other connected to their switch.
    >
    > In my setup I had Kerio installed on each PC with no ISC running.
    >
     
    mario, Feb 16, 2004
    #9
  10. mario

    mario Guest

    I'm not using nat forwarding. I've had no experience with it and if it
    bit me on the (_!_) I wouldn't know.

    It's just that I find it strange that the firewall stops web browsing
    but not browsing my network. There must be a setting within Kerio but
    I'm buggered if I can see it. I'll keep googling in between banging my
    head on a brick wall :).

    mario

    Peter Huebner wrote:

    > If you are using a NAT type forwarding software on the gateway machine,
    > you will need to enable gateway mode on Kerio Firewall.
    >
    > Otherwise, use proxy forwarding software and the firewall will work as
    > it is (my preferred option)
    >
    > If I am being too obscure, let me know and I'll elaborate tonight :)
    >
    > -Peter
     
    mario, Feb 16, 2004
    #10
  11. mario

    Chris Guest

    mario <> wrote in
    news:CtUXb.24416$:

    > The cable modem connects to one of the pc's.
    > So that computer has 2 network cards, one for the internet connection
    > and one for the the local network. If I don't have ICS running then
    > web browsing from the other computer doesn't work.
    >
    > So for some reason kerio is stopping the networked computer from web
    > browing but doesn't stop it from transferring file between the two
    > computers.
    >
    > mario
    >
    > Chris wrote:
    >
    >> Does your cable modem connect to the switch (i assume it does) or one
    >> of the PC's. IF it connects to the switch then I don't see why you
    >> would need the internet sharing conection enabled (I didn't using an
    >> ADSL Router connected to my switch) orthough I should point out I was
    >> running W98SE.
    >>
    >> I do know someone that has 3 PC's running Windows XP using ICS but
    >> the PC doing the sharing has 2 network cards - 1 connected to their
    >> Router, the other connected to their switch.
    >>
    >> In my setup I had Kerio installed on each PC with no ISC running.
    >>


    I don't know the exact solution to your problem sorry, as I set mine up the
    other way round (each computer connected to the switch along with the
    Router).

    In my kerio setup in the Microsoft networking tab, I have, in the trusted
    group list the IP of the Router - maybe you need to have the IP of the
    network card that connects to your modem as well or the IP of the network
    card that connects to the switch (from your main PC - the 1 with 2 network
    cards) as that is IP that connects to the ICS software. i.e

    2nd PC NIC -> switch -> main PC NIC -> ICS -> other NIC -> modem

    Good luck

    --
    Chris

    "Two men walk into a bar. You'd think the second one would've ducked..."
     
    Chris, Feb 16, 2004
    #11
  12. In article <IzUXb.24417$>,
    says...
    > I'm not using nat forwarding. I've had no experience with it and if it
    > bit me on the (_!_) I wouldn't know.
    >
    > It's just that I find it strange that the firewall stops web browsing
    > but not browsing my network. There must be a setting within Kerio but
    > I'm buggered if I can see it. I'll keep googling in between banging my
    > head on a brick wall :).
    >
    > mario


    You *are* using NAT forwarding, that is what Windows ICS does <grin>
    (network address transfer protocol)

    It makes perfectly good sense to me that your lan is working fine (Kerio
    is pretty good at making out which network card is local, which is
    external network), but the internet is blocked.

    Here's what you do: fire up the Kerio interface by double clicking on
    the icon in the systray.
    Click on the Overview tab on the left.
    Click on the Preferences tab along the top.
    Check the "enable gateway mode" box (second from the top).

    Should work now. I think you need to pay, though, to have the gateway
    mode work permanently ( I am not even sure if it will work at all with
    the trial version - you have to look at their website or the help file
    to find that out).

    =========

    Alternative: install a program like Wingate or Winroute and set it up as
    a proxy forwarding gateway. Then the firewall will not interfere with it
    at all - but you need to set up the client machine so it accesses the
    gateway machine's proxy instead of the internet directly.

    kind regards, -Peter
     
    Peter Huebner, Feb 16, 2004
    #12
  13. mario

    Enkidu Guest

    Hi Mario,

    Have a look at this. It's from the help for ICS. I don't know if it
    helps, but I do know that ICS likes to assign IP addresses itself,
    dynamically. So if you have fixed IP addresses it will try to reassign
    them.

    "Important

    You should not use this feature in an existing network with Windows
    2000 Server domain controllers, DNS servers, gateways, DHCP servers,
    or systems configured for static IP addresses.
    The ICS host computer needs two network connections. The local area
    network connection, automatically created by installing a network
    adapter, connects to the computers on the home or small office
    network. The other connection, using a 56k modem, ISDN, DSL, or cable
    modem, connects the home or small office network to the Internet. You
    need to ensure that ICS is enabled on the connection that has the
    Internet connection. By doing this, the shared connection can connect
    your home or small office network to the Internet, and users outside
    your network are not at risk of receiving inappropriate addresses from
    your network.
    When you enable Internet Connection Sharing, the local area network
    connection to the home or small office network is given a new static
    IP address and configuration. Consequently, TCP/IP connections
    established between any home or small office computer and the ICS host
    computer at the time of enabling ICS are lost and need to be
    reestablished."

    Cheers,

    Cliff


    On Mon, 16 Feb 2004 13:57:06 +1300, mario
    <> wrote:

    >The cable modem connects to one of the pc's.
    >So that computer has 2 network cards, one for the internet connection
    >and one for the the local network. If I don't have ICS running then web
    >browsing from the other computer doesn't work.
    >
    >So for some reason kerio is stopping the networked computer from web
    >browing but doesn't stop it from transferring file between the two
    >computers.
    >
    >mario
    >
    >Chris wrote:
    >
    >> Does your cable modem connect to the switch (i assume it does) or one of
    >> the PC's. IF it connects to the switch then I don't see why you would need
    >> the internet sharing conection enabled (I didn't using an ADSL Router
    >> connected to my switch) orthough I should point out I was running W98SE.
    >>
    >> I do know someone that has 3 PC's running Windows XP using ICS but the PC
    >> doing the sharing has 2 network cards - 1 connected to their Router, the
    >> other connected to their switch.
    >>
    >> In my setup I had Kerio installed on each PC with no ISC running.
    >>
     
    Enkidu, Feb 16, 2004
    #13
  14. mario

    mario Guest

    Thanks to all that gave advice.
    Clicking on "enable gateway" worked a treat :). So a big thanks to Peter.
    Perhaps I need to get my eyes checked as it was staring right at me.

    I'm happy now, I can surf the net and play bf1942 without having to drop
    the firewall.

    mario
     
    mario, Feb 16, 2004
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. deemac

    Kerio Personal Firewall

    deemac, Jun 30, 2003, in forum: Computer Support
    Replies:
    9
    Views:
    804
    Blinky the Shark
    Jul 2, 2003
  2. mhicaoidh

    Kerio 2.1.5 blocking MS SQL remote server

    mhicaoidh, Sep 1, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    939
    mhicaoidh
    Sep 1, 2003
  3. rifleman

    Kerio Personal fire wall VERY slow to load in XP

    rifleman, Sep 2, 2003, in forum: Computer Support
    Replies:
    6
    Views:
    1,305
    CSCMikrotuki
    Sep 20, 2006
  4. Replies:
    0
    Views:
    366
  5. Kerodo

    Kerio 2.1.5 problem?

    Kerodo, May 9, 2004, in forum: Computer Security
    Replies:
    6
    Views:
    685
    Kerodo
    May 10, 2004
Loading...

Share This Page