Hi everyone! The situation is: two computers, one running Win7 and the other WinXP, both running Norton Internet Security 2011, connected to a home network with a crossover cable, no passwords. In the Norton firewall I turn off automatic program control and do everything manually. The computer running WinXP is the computer which is connected to the internet (through PPPoE) and shares the connection with the other. The IP addresses are: on the first, 192.168.0.1 with subnet 255.255.255.0, and on the second, 192.168.0.2 with subnet 255.255.255.0.
No other computers are connected to the home network.
My questions are: how do I properly configure ports and addresses manually so that only these two computers communicate and no others? When Norton asks me about that for the first time, it asks about some IP 192.168.255.255 or others that are not on my network, and every time I do the manual config I fail to get it right. I know that ports 137, 138 and 139 must be open; the connection is only connection to other computers or to others and from others in the Norton firewall; I have done almost everything with no success.
Please help.
P.S. And is it good to change the IP addresses for the home network from 192.xxx.xxx.xxx to e.g. 172.16.100.1 or other?
When the last octet of an IP address is 255 this means it's a broadcast (it sends to all devices on that network). So your 192.168.255.255 is the broadcast address for all devices on your 192.168.*.* network. Since your network only has two devices it should be fine to allow this address on Norton.
Are you using a router for the internet? What's the local IP for the router?
*EDIT* - As long as there are no other devices connected to the network with a 192.168.x.x address then allowing the broadcast address should be fine.
Sorry, starting a few years ago, NIS no longer supports internet connection sharing or peer to peer networks.
Your host computer is actually using 2 IP addresses, one for the WAN (internet) and one for the LAN (crossover to second computer). In an internet connection sharing setup both these IP addresses are in use simultaneously and that is something the NIS firewall can no longer do.
Easy solution is to get a router; internet connection sharing is actually very rarely used anymore with routers being so inexpensive these days.
I'm going to make a little correction. I said that peer to peer is not supported and I should have said that it is not supported if one of the systems is also connected to the internet. A strict peer to peer connection between 2 computers is supported but if you think about it you really have no need for a firewall in that situation, you would not be connecting 2 systems in the first place if you didn't trust them.
A lot of people thought they could get an internet connection sharing setup to work by using the network security map to "trust" the 2 computers in the peer to peer setup. It may even actually appear to work but sooner or later it will fail and you're not really protecting the second computer if you think it through.
That second computer is trusting the gateway computer, but since everything coming from the internet is routed through that gateway computer the firewall has no way to determine what is actually coming from the internet and not normal LAN traffic.
It's also not just Norton, I have personally seen and used several firewalls that had the same problem and ran into nothing but problems trying to get the second computer to even consistently be able to use the internet going through 2 firewalls like that.
A router truly is the best solution and it also adds another layer of protection between both computers and the internet.
Hi again guys! Thanks for the help. I have used Symantec products for a long time and I'm very pleased with the firewall; the interface is user friendly and easy to configure.
About the router idea: thanks.
I have manually configured everything (every program) with the Norton Firewall for a couple of years. Here is the configuration that I used:
NIS Rules. Please, folks, view these settings about manually setting programs for the Norton Firewall, because I'm 100% sure that some of the rules need to be more secure and updated. (If you have trouble downloading it I will upload it to SkyDrive, MediaFire etc. or make a torrent.)
About the configuration: on the 1st computer I will allow "Allow connections to other computers, IP 192.168.0.2, ports 137, 138, 139 and?" and for the second "Allow connections to other computers, 192.168.0.1, same ports".
Question: in the Norton Firewall, does "Allow connections to other computers" mean only download and upload to other computers, or?
And "Allow connections to others and from others computers" means download and upload to others, and others upload to you, right guys? Or am I wrong about this?
Manual rules are more secure than the automatic program control of the Norton Firewall, and I see other computers on my ISP network and don't want them to have access to the home computers.
Manual rules are more secure than the automatic program control of the Norton Firewall, and I see other computers on my ISP network and don't want them to have access to the home computers.
The program control rules, manual or automatic, simply configure network access for various programs on your PC. The basic firewall function of blocking unsolicited incoming internet traffic and certain types of connections is governed by the General Rules. The default General Rules are all that you need to be protected. Modifying them or creating additional rules would only be necessary in very limited situations - and even then, usually it would be because the rules were too restrictive in a particular case, rather than being too permissive. Making any changes to the General Rules is not only unnecessary, it could easily create connectivity problems, or even lessen the firewall's effectiveness, if done incorrectly.
Given that there is no reason to alter the General Rules in order to block potentially malicious traffic from the internet, and that you seem to be making changes that would only affect devices on a wired LAN anyway (that has no computers on it other than the two you already wish to allow to connect), I don't really see what you are trying to accomplish. What you are doing isn't really going to provide any benefits in protection over what the firewall is already doing, and by creating additional rules that are not really needed, you are only making things unnecessarily tricky and complex: For example, Netbios ports are already blocked by the firewall General Rules, so there is no need to create additional rules for ports 137,138 and 139 for specific computers.
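The address scoping asked about in this thread, as an added example that is not from any poster and is not Norton's rule engine: it computes the broadcast address for the subnet mask given in the question and evaluates a hypothetical two-host NetBIOS allowlist against constructed traffic. The names `broadcast_for` and `decide`, the rule model and the sample packets are assumptions made for illustration.

```python
import ipaddress

# Assumptions from the thread: both PCs sit on 192.168.0.0/24 and the
# original poster wants only NetBIOS ports 137-139 open between them.
LAN = ipaddress.ip_network("192.168.0.0/24")
PEERS = {ipaddress.ip_address("192.168.0.1"), ipaddress.ip_address("192.168.0.2")}
UNICAST_PORTS = {137, 138, 139}   # name, datagram and session services
BROADCAST_PORTS = {137, 138}      # only the UDP services use broadcast


def broadcast_for(host, netmask):
    """Directed broadcast address of the subnet that host/netmask belongs to."""
    return ipaddress.ip_interface(f"{host}/{netmask}").network.broadcast_address


def decide(src, dst, port):
    """Hypothetical allowlist: NetBIOS between the two peers only."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src not in PEERS:
        return "block"            # e.g. other hosts on the ISP network
    if dst in PEERS and dst != src and port in UNICAST_PORTS:
        return "allow"
    if dst == LAN.broadcast_address and port in BROADCAST_PORTS:
        return "allow"
    return "block"


if __name__ == "__main__":
    print(broadcast_for("192.168.0.1", "255.255.255.0"))  # mask from the thread
    print(broadcast_for("192.168.0.1", "255.255.0.0"))    # wider mask, for comparison
    # Constructed sample traffic: (source, destination, destination port).
    samples = [
        ("192.168.0.2", "192.168.0.1", 139),      # peer to peer file sharing
        ("192.168.0.1", "192.168.0.255", 137),    # name query to the /24 broadcast
        ("192.168.0.1", "192.168.255.255", 137),  # broadcast of a wider network
        ("10.20.30.40", "192.168.0.1", 139),      # host outside the home LAN
        ("192.168.0.2", "192.168.0.1", 445),      # port not on the list
    ]
    for sample in samples:
        print(sample, decide(*sample))
```
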