I have a Linksys PPSX1 print server on a LAN with a PC running Window XP SP1. When I turn on the the Internet Connection Firewall, printing fails. I added an exception for port 9100. This didn't help. I also noticed that the port numbers used by the print server differ on each new printing attempt. I suspect the Windows Firewall is also blocking IPX packets that this (old) Linksys print server wants to use. Am I out of luck with the Windows Firewall and this device or does someone know of a simple fix?
"normk" wrote in news:1113192879.265535.241190 @f14g2000cwb.googlegroups.com:
I cannot say that you're out of luck with the XP FW and accessing the print server. The part of the PS using different high ports may be an issue. In just looking at the rules that can be made with the XP FW, it may hard to accomplish. What you need is FW that will allow you to set rules for a private side LAN IP or range of IP(s) that the FW will allow traffic, assuming that the printer sever has an IP. That way you're not concerned about the port(s) the traffic is coming in on.
If you're behind a router, then you should be able to use IPsec to protect the machine and set rules for LAN side IP(s). The AnalogX file if you implement it on the machine should give you a good foundation for setting-up LAN side IP(s) rules.
You can use IPsec or another PFW solution that will allow FW rules by IP to be given.
I have a print server on my network and my laptop that has BlackIce installed has no problems with LAN side IP(s) behind the Watchguard FW appliance that issuing DHCP IP(s), because of LAN IP(s) rules that allow BI on the laptop to allow traffic flow.
I normall post on top (top post), but since this thread followed another path, I'll post here.... ;-}~
I am not sure your firewall will affect your IPX connectivity, but it has been a long time since i have used Windows in an IPX environment... however, if your print server is ONLY listening for IPX connections, your port 9100 permission is not being used anyhow...
first course is to remove IPX from the linksys if possible... also, remove (disable) the firewall from your PC and try to telnet to port
9100 on your printer... if you get connected, getter done! haha
some of what I just typed was (to a degree) already addressed in your original post (I know) but I still felt like there may have been some confusion w/ how this service works, so I posted it anyhow...
Also, the Windows native firewall also permits access by program, not just port... you could enable the spool service to command any port it likes if you prefer. Your print server, however, should NOT accept print requests on any port other than 9100 unless other problems or custom configs exist... your computer may request the connection to your print server on a LOCAL port other than port 9100, but the target port should alwasy be 9100....
on another note, like Duane suggested, the firewall is somewhat overkill on your protected LAN... The only thing that is really protecting you from on your LAN is local (internal) hackers (AKA, nosey co-workers), or co-workers who are infected with worms or other exploiting programs that may try to exploit you...