Can anyone help me out? I am finding that after prolonged inactivity (about an hour or so) I can no longer browse the internet or receive emails. Any site I visit gets a timed out message. However checking my connection to the router seems ok and also downloads that are currently underway continue but I can't browse. I am running XP (card fully patched) with a Texas Instruments wirelss card (latest drivers) and a ADSL Modem With Built-In 11g Wireless Router F5D7630uk4A (latest firmware). My internet connection is broadband via Tesco.net, I have Zone-Alarm and AEG anti virus software installed. I have WPA encryption setup.
The only fix i have found is to reboot my PC each time this happens. I have tried shutting down each of the connections in turn but that doesn't work.
If your DSL provider uses DHCP or PPPoE, is there a timeout set in the router to disconnect after xxx minutes of inactivity?
Is it Zone Alarm or Zone Alarm Pro? I vaguely recall that Pro has a feature where it automatically locks down a internet connection after xx minutes of inactivity. The problem can also occur if your router's IP is not in the "trusted zone". |
formatting link
very helpful, but a good clue.
Duz the TI wireless driver have a "power save" feature enabled? This turns off the wireless client after xxx minutes of inactivity.
Looks like it may have been Zone Alarm, I have added the router to the 'trusted zone' and hopefully that will solve it... I checked the other two points and they were set to continuous use so heres hoping...Thanks for your help.
snipped-for-privacy@hotmail.com wrote in news:1117363049.204237.21740 @g14g2000cwa.googlegroups.com:
I have heard of personal FW solutions that are configured to refuse connections if the machine has gone into some kind of standby mode or has gone to sleep. I would suggest that you disable ZA, since you're behind a router and see what happens.
The power save features in the BIOS may be enabled and shutting down parts of the system. These are independent of the operating system settings.
The power save (green) features in the computah may be shutting down. See: Control Panel -> Power Options Check all the pages for strange settings.
I'm fighting a similar problem right now my my new (used) Panasonic CF-34 Toughbook running W2K. I want to use the hibernate feature to activate when I close the laptop to extend battery life and so I don't have to wait an eternity while Windoze boots. That works, but upon restart, all wireless activity is hung. I have to reboot to recover. It happens with 3 different model PCMCIA wireless cards and drivers. When I run Netstumbler 0.4.0 continuously, if the laptop goes into hibernate or sleep mode even for a few seconds, the wireless driver is hung.
Well, you should find another PFW or packet filtering solution at the machine level that doesn't go into some ridiculous Internet lock-out mode, which is not needed behind a router. :)
It doesn't go into "Lock" mode mode unless you want it to ,if he had gone into "Lock" mode his downloads would have terminated unless he had specifically set the "pass lock" option for the program he was using.
NBT wrote in news:d7da7j$4q9$ snipped-for-privacy@domitilla.aioe.org:
I have to say it. Thank GOD I have gotten rid of all that *much to do about nothing* kind of PFW solutions snake-oil off of my machines, although I do keep one active on the laptop due to it's possible mobility. ;-)
The local network will always be the "trusted zone". However, the message said "router" not "local network". The problem is that there are setups where the router is outside the IP address block defined by the netmask. Some ancient Windoze incantations wouldn't allow this, but it was fixed long ago. For example, you could have a LAN at the typical 192.168.0.0/24 but have the router at 192.168.123.123. This is possible if you have multiple routers and/or multiple remote offices connected by static routes. It works, but ZoneAlarm needs to know about the routers that are outide the "local network" and therefore outside the "trusted zone".
Yep. I bought a $15 no-name USB2 to ethernet adapter that had a power save feature in firmware. The problem was that when it decided to go into power save, it would notify the Advanced Power Management pretzel that it was time to shut down, and literally turned off the computah. I eventually found the setting buried in the network properties for the device, and disarmed the monster.
Agreed. It works well on my Micron Trek2 and Compaq 1620 with the same cards, and on all of my customers laptops. However, this Toughbook CF-M34 seems to a problem. What's different about this one is the useless internal CDPD RF modem and the touchscreen. There's a feature where the CDPD is still alive even when the laptop is in hibernate so that incoming calls are not lost. I'm guessing that it's somehow related to the wireless card going comatose. There's also a MiniPCI slot that's currently occupied by a 56K modem. I have some MiniPCI 802.11b/g cards I can try.
Your local network should always be in the trusted zone (I assume you /do/ trust the other devices on your local network...). Otherwise ZA will block all sorts of essential stuff.
And some devices may have yet more power-save features of their own, accessible via their driver or config utility.
FYI this works ok with my Toshiba, so it /can/ be done.
Actually it didn't work - I just had the timeout problem again. The funny thing is the only thing that works is searching on google. Weird. Anyway I shut down zone alarm and thing work fine - my internet connection actually seems alot faster.
Any further ideas? I could just use the XP firewall software instead?! What does Zone Alarm actually do? Does it actually just block access to your PC from unknown IP addresses not listed as apps on my machine that talk to the internet? If switched off can people easily hack or view my machine via the router? Duane you seem to think not - what protection does my router give me?
I would not put my local network into the trusted zone.
I might specify the address of a machine or two. I ran ZA on all of my home computers and laptop, and shared files and printers. Someone gaining access to my wireless network is still blocked.
When I connect to some public WiFi, I would not like for that to be a trusted network.
"hornbyrob" wrote in news: snipped-for-privacy@g49g2000cwa.googlegroups.com:
The NAT router gives you protection by not forwarding unsolicited inbound traffic to the machines behind the router. That unsolicited inbound traffic would be scans and attacks. If a program running on a machine behind the router solicits traffic from a remote IP, the router is going to allow the inbound traffic back to the machine. Otherwise, all inbound traffic is dropped by the router. And if the router has SPI it's even a little better.
The link further explains the protection that the NAT router provides.
formatting link
What people use a PFW solution for is to stop outbound traffic if the solution can stop outbound by, port, protocol or IP, since most NAT routers for home usage cannot do it. And some think that by using the worthless snake oil Application Control that it is some form of protection to stop outbound behind a NAT router due to a Trojan or malware. It's not as malware can circumvent a defeat any of it if the conditions are right.
There is IPsec that is on the machine that can stop inbound or outbound by port, protocol or IP if you need something like that to supplement the NAT router.
formatting link
You implement the AnalogX IPsec rules and you have instant protection behind the NAT router on the machine. The only thing with Ipsec is that it blocks the High ports by default, which gets in the way when doing file downloads from a site and you'll have to drop IPsec or set the rules to open the port on IPsec to allow the traffic. But how often are you doing to do that. Ipsec is just a suggestion.
It's too bad that the Belkin doesn't have logging where you can view the inbound and outbound traffic by local and remote IP(s). You would use the routers logs to see if connections are being made to dubious IP(s).
You can use Active Ports (free) and put a Short-cut in the Start-up folder to watch connections at boot and basically anytime you want to start watching connection to the machine.
It's either that, use XP's FW or find another PFW solution that's not going to give you any problems.
Like I said, I'm assuming you trust your local machines.
And frankly if someone has broken your wireless security, the data on your PCs is probably owned already, since a bad guy could simply clone one of your 'approved' IPs and ZA would let him right in.
Plus unless you're a company, they're not after your files, they're after free internet which they already have .
But in general it a non-idiotic approach. Layers are always good.
This is correct and I didn't say "put your public WiFi connections into the trusted zone".
You appear to have either a misconfigured ZA or it's Database has become corrupted and you are unable to have reliable access to your DNS servers. In older versions of ZA free it was recommended to place the IP's of your DNS servers into your "Trusted zone" and make sure that the GHP(generic host process) program was allowed access to the Internet and not blocked. If the Database is corrupt see:-
formatting link
If you decide to remove ZA there is a chance that your problem will persist as it does not always remove all of it's components.To do a complete uninstall see:-
Any science fiction robotics story will clue you as to how far you should trust machines. Give them enough CPU cycles and they'll take over the world.
(...)
I just installed the free version of ZoneAlarm on a customers PC. There's a setting under "Program Control" called "Internet Lock". The default is "off" with a "custom" option to "Lock when screensaver activates". It didn't take long to test and find that if I initiate a copy from the LAN, and the screen saver activates, the copy bombs as soon as the screen blanker kicks in. There's an option to "allow pass-lock programs to access the internet", but that didn't seem to work for LAN file transfers. I left it off.
Sorry guys, The internet lock wasn't engaged. What i did reduce was a number of my security settings on Zone Alarm to medium. I can't remember what the settings were as i am writing this at work. This seems to have solved the issue. These controls were around the use of specific programmes so maybe that had some influence over what i could and couldn't use...
Did you try enabling "pass lock" on the programs that were being used for file transfers? From the "Help" file:-
"When the Internet Lock is engaged, programs given pass-lock permission can continue to access the Internet. If you grant pass-lock permission to a program, and that program uses other applications to perform its functions (for example, services.exe), be sure to give those other programs pass-lock permission as well. A key symbol in the Lock column indicates that the program has pass-lock privilege.
To grant or revoke pass-lock privilege:
Select Program Control|Programs. Select a program from the list, then click in the Lock column. Select Pass Lock or Normal from the shortcut menu."
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.