firewalls in LAN

[JD Young]

Hi,

I just setup a LAN (local area network) with two PC's at my home. It seems
that the firewalls in these PC's prevent each other from communicating in
some situations. To make it work, I have to turn off the firewalls in
Windows and in the anti-virus programs on both PC's (i.e. four firewalls are
turned off). I was told that the router should play the role of firewall
instead. Does every router have a firewall? If my router (DLink) has a
firewall, can I count on it without the help from the 4 firewalls I just
turned off? Your help is appreciated.

Tony

 

[Shenan Stanley]

I just setup a LAN (local area network) with two PC's at my home. It seems
that the firewalls in these PC's prevent each other from
communicating in some situations. To make it work, I have to turn
off the firewalls in Windows and in the anti-virus programs on both
PC's (i.e. four firewalls are turned off). I was told that the
router should play the role of firewall instead. Does every router
have a firewall? If my router (DLink) has a firewall, can I count
on it without the help from the 4 firewalls I just turned off?

No - not every router has a firewall. What it *is* likely doing is NAT...
Which means it is not just allowing traffic from the internet through -
unless requested from your side or purposely configured to allow it.

However - for file/printer sharing, etc - you *do not*have to turn your
Windows Firewall off. Simnply configure it (add an exception) so that File
and Print sharing are allowed on the Local Area Network (LAN). You can do
the same for Remote Desktop, Remote Assistance, and anything else you can
find the ports to allow for.

 

[Maincat]

Hi,

I just setup a LAN (local area network) with two PC's at my home. It
seems that the firewalls in these PC's prevent each other from
communicating in some situations. To make it work, I have to turn off the
firewalls in Windows and in the anti-virus programs on both PC's (i.e.
four firewalls are turned off). I was told that the router should play
the role of firewall instead. Does every router have a firewall? If my
router (DLink) has a firewall, can I count on it without the help from the
4 firewalls I just turned off? Your help is appreciated.

Tony

Read your router manual.
Configure the firewalls in your Internet Security package as per the manual
for that package.
Do not count on your router firewall.

 

[Jim]

Hi,

I just setup a LAN (local area network) with two PC's at my home. It
seems that the firewalls in these PC's prevent each other from
communicating in some situations. To make it work, I have to turn off the
firewalls in Windows and in the anti-virus programs on both PC's (i.e.
four firewalls are turned off). I was told that the router should play
the role of firewall instead. Does every router have a firewall? If my
router (DLink) has a firewall, can I count on it without the help from the
4 firewalls I just turned off? Your help is appreciated.

Tony

Your first problem is that you have more than one anti-virus program on both
computers. One is quite sufficient; in fact more than one will usually
result in an AV war. You also need only one firewall per computer.

If, after correcting you AV and firewall situation, you still have trouble,
the most likely reason is that you have not configured your firewalls
correctly. Refer to the websites of MVP Chuck and NVP Jack for
instructions.

Jim

 

[JD Young]

Hi Jim,

I don't have more than one anti-virus programs in either machine. What I
was talking about is an anti-virus program and the XP built-in "windows
Firewall". With the presence of the anti-virus program , I suppose I
should turn off the XP's built-in firewall. Please correct me if I am
wrong.

Thanks.
Tony

 

[DL]

1) Running both winxp Firewall and a third party Firewall will cause
conflicts and may result in niether functioning correctly, as you have
found.
2) Use either the win firewall or your third party firewall not both
3) A router may be a NAT enabled one, which is similar to a software
firewall, but not the same, and no you shouldnt rely on it.
Once you have decided on which firewall you are going to use there are
different methods of allowing the PC's to communicate.
Personally I prefere the third party Firewall as usually it prevents both
outgoing and incoming, whereas the default win firewall only acts on
incoming.
A third part Firewall usually has some option on its settings to auto
configure PC sharing

 

[Shenan Stanley]

I just setup a LAN (local area network) with two PC's at my home. It seems
that the firewalls in these PC's prevent each other from
communicating in some situations. To make it work, I have to turn
off the firewalls in Windows and in the anti-virus programs on both
PC's (i.e. four firewalls are turned off). I was told that the
router should play the role of firewall instead. Does every router
have a firewall? If my router (DLink) has a firewall, can I count

Your first problem is that you have more than one anti-virus
program on both computers. One is quite sufficient; in fact more
than one will usually result in an AV war. You also need only one
firewall per computer.
If, after correcting you AV and firewall situation, you still have
trouble, the most likely reason is that you have not configured
your firewalls correctly. Refer to the websites of MVP Chuck and
NVP Jack for instructions.

I don't have more than one anti-virus programs in either machine. What I
was talking about is an anti-virus program and the XP
built-in "windows Firewall". With the presence of the anti-virus
program , I suppose I should turn off the XP's built-in firewall. Please
correct me if I am wrong.

Your original post had you turning off four firewalls.
" (i.e. four firewalls are turned off). "

What antivirus application do you have? Is it *just* antivirus?

In any case - you are worrying over a little thing here.

First - yes your router provides some protection from the outside world.
Much like the Windows XP firewall - to many it is considered *not* a true
firewall. It only keeps un-requested traffic from entering.

Should you turn off your Windows Firewall...? I say *no*. You gain nothing
and lose another line of defense that you should have to do very little to
keep up. Having two walls - in this case - is better than having just one.

However - as I stated in my original response to your question - you need to
configure the Windows Firewall to do what you want - which seems to be File
and Printer Sharing....

How to configure the Windows Firewall feature in Windows XP Service Pack 2
http://support.microsoft.com/kb/875356

Configuring Windows Firewall Exceptions
http://www.microsoft.com/technet/security/smallbusiness/prodtech/windowsxp/cfgfwall.mspx#EWEAC

If you turn on the File & Printer exception - you should be able to share
files and share a printer between the computers on your network. It leaves
the firewall on so if someone does get through your router (if you have not
changed the defaults on it/kept its firmware updates - it is possible it is
easily hacked) - they also have to get through your Windows firewall. Why
have only one door that requires minimal effort to maintain when you could
have two...?

 

[Ken Blake]

Hi Jim,

I don't have more than one anti-virus programs in either machine. What I
was talking about is an anti-virus program and the XP built-in "windows
Firewall". With the presence of the anti-virus program , I suppose I
should turn off the XP's built-in firewall. Please correct me if I am
wrong.

Yes, that's wrong. You need *both* an anti-virus program and a firewall. In
fact you need three kinds of software to protect you:

1. An anti-virus program.

2. Two or more (no single one is good enough) anti-spyware programs.

3. A firewall.