unknown network (public network) discovered)

[Guest]

My PC is installed with Dutch version of Vista Business. Sorry when I miss
some correct naming.

PC is installed with a single 100MB NIC (intel add-on) and a dual GB NIC
(onboard NVIDIA).
Both my router and switch are not connected together. Idea is to have my
home backbone separated from the cable router with internet access.

The PC's 100 MB NIC is connected to my broadband router (Linksys BEFSR41)
and only TCP protocol enabled with DHCP (no other protocols).
When activating, internet connection works correct.
On the network center: all is turned off (network discovery, sharing files
etc) except password protected sharing.
Type of network loaded when activating or at startup PC = network (public
network).
So far so good.

Now, I disable the public network (100MB NIC) and enable both GB NIC's which
are directly connected to the linksys GB switch (SD2008).
Type discovered: unknown network(public network).
On both NIC settings, all protocols are set, except TCP/IPv6:
- Client for MS network,
- QoS packet planner,
- File and printersharing,
- TCP/IPv4 - definded addresses (no DHCP) with LMHOSTS lookup and NetBIOS
enabled)
- Link layer etc.

With public network discovered, no network detection and file sharing is
activated. Sounds acceptable.

So, I change public network to private network.
Now, unknown network (private network) is discovering other PC's and I can
access shared folders on the other XP's.
Access to internet does not work which is suposed to be so !
Within network center, shows full overview: twice my PC with link to switch
and other XP's.

Question 1: Why is it a 'unknown network'. I cannot find any option to
change this. Prefer to change it to Home (private network) or My (private
network).

Now, reboot with both GB nic's left enabled and 100 MB disabled.
The unknown network (private network) is turned in unknown network (public
network). Each time again.
Both GB NIC still onnected to the home switch and now, even by turning back
to private network, the other PC's can't be discovered anymore.

Result: remove both NIC's from hardware, reboot, default Vista install,
update drivers with vendor drivers, reboot, set back IP addresses,
disable/enable and turn public into private to get back workgroup PC's
visible.
Till next power-on.

Question 2: Why is the configuration for my home network, set to private
network, not hold after a restart of the computer.

Now the fun starts:
When all is finally set ok for the home network via dual GB NIC's and I
enable back the internet 100MB NIC:
Network detection and file sharing are turned off (no home network anymore).
Access to internet is ok, but home network is gone.

What I then do:
Within network window a message is prompted at top: network detection and
file sharing are turned off. Klick to change:
Activate network detection and file sharing + ok:
Do you want this applied on all public networks ?
I then select, turn public into private network.

So, now both my internet and home network become private networks and I can
back access my workgroup PC's,
but this time via the internet broadband router, not the home network over
switch.
It also takes longer before the other PC's are discovered.
Maybe now, also malicious persons on the internet can access too.
Here, the entire logica is gone, seems me.
Under Network Center - show entire network: private network on 100MB shows
nothing, private unknown network shows my PC, the switch but no other clients.

Another reboot, and my network (private network) 100MB remains as is
and the unknown network (private network) - both GB NIC's - are turned back
to unknown network (public network).
I can start over again.

Both Vista and XP's have the same accounts/passwords set and both types run
only MS Firewall.

Question 3: why are settings of my home network (known as 'unknown network
(private network) overruled once I turn on the NIC for internet access ?
Question 4: When I enable again network discovery/file sharing, it seems
only to take effect on the first connection which is the public network
connection
The private network for home use is ignored.

Any help is welcome. It's frustrating to have each time to run through the
setup again after a reboot.
Before, on XP, it was all set once and all could be managed from one place
out: network connections.
In Vista you have to pass from network - network center - network
connections back and forward: not a real improvement !

 

[Barb Bowman]

a router that provides NAT private class, non routable IP's and has
a good built in firewall should keep you protected. plus you can use
Windows Firewall (or a 3rd party firewall if you really feel it
necessary). it seems to me that you are going through a lot of
steps that aren't needed.

as I recall, the BEFSR41 is not a wireless router so you do not have
any of the wireless risks to deal with.

My PC is installed with Dutch version of Vista Business. Sorry when I miss
some correct naming.

PC is installed with a single 100MB NIC (intel add-on) and a dual GB NIC
(onboard NVIDIA).
Both my router and switch are not connected together. Idea is to have my
home backbone separated from the cable router with internet access.

The PC's 100 MB NIC is connected to my broadband router (Linksys BEFSR41)
and only TCP protocol enabled with DHCP (no other protocols).
When activating, internet connection works correct.
On the network center: all is turned off (network discovery, sharing files
etc) except password protected sharing.
Type of network loaded when activating or at startup PC = network (public
network).
So far so good.

Now, I disable the public network (100MB NIC) and enable both GB NIC's which
are directly connected to the linksys GB switch (SD2008).
Type discovered: unknown network(public network).
On both NIC settings, all protocols are set, except TCP/IPv6:
- Client for MS network,
- QoS packet planner,
- File and printersharing,
- TCP/IPv4 - definded addresses (no DHCP) with LMHOSTS lookup and NetBIOS
enabled)
- Link layer etc.

With public network discovered, no network detection and file sharing is
activated. Sounds acceptable.

So, I change public network to private network.
Now, unknown network (private network) is discovering other PC's and I can
access shared folders on the other XP's.
Access to internet does not work which is suposed to be so !
Within network center, shows full overview: twice my PC with link to switch
and other XP's.

Question 1: Why is it a 'unknown network'. I cannot find any option to
change this. Prefer to change it to Home (private network) or My (private
network).

Now, reboot with both GB nic's left enabled and 100 MB disabled.
The unknown network (private network) is turned in unknown network (public
network). Each time again.
Both GB NIC still onnected to the home switch and now, even by turning back
to private network, the other PC's can't be discovered anymore.

Result: remove both NIC's from hardware, reboot, default Vista install,
update drivers with vendor drivers, reboot, set back IP addresses,
disable/enable and turn public into private to get back workgroup PC's
visible.
Till next power-on.

Question 2: Why is the configuration for my home network, set to private
network, not hold after a restart of the computer.

Now the fun starts:
When all is finally set ok for the home network via dual GB NIC's and I
enable back the internet 100MB NIC:
Network detection and file sharing are turned off (no home network anymore).
Access to internet is ok, but home network is gone.

What I then do:
Within network window a message is prompted at top: network detection and
file sharing are turned off. Klick to change:
Activate network detection and file sharing + ok:
Do you want this applied on all public networks ?
I then select, turn public into private network.

So, now both my internet and home network become private networks and I can
back access my workgroup PC's,
but this time via the internet broadband router, not the home network over
switch.
It also takes longer before the other PC's are discovered.
Maybe now, also malicious persons on the internet can access too.
Here, the entire logica is gone, seems me.
Under Network Center - show entire network: private network on 100MB shows
nothing, private unknown network shows my PC, the switch but no other clients.

Another reboot, and my network (private network) 100MB remains as is
and the unknown network (private network) - both GB NIC's - are turned back
to unknown network (public network).
I can start over again.

Both Vista and XP's have the same accounts/passwords set and both types run
only MS Firewall.

Question 3: why are settings of my home network (known as 'unknown network
(private network) overruled once I turn on the NIC for internet access ?
Question 4: When I enable again network discovery/file sharing, it seems
only to take effect on the first connection which is the public network
connection
The private network for home use is ignored.

Any help is welcome. It's frustrating to have each time to run through the
setup again after a reboot.
Before, on XP, it was all set once and all could be managed from one place
out: network connections.
In Vista you have to pass from network - network center - network
connections back and forward: not a real improvement !

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

 

[Guest]

Hi Barb,
Thanks for looking into my problem and for your advice.
Yes indeed, firewall will protect me.
Still, I do not understand why my settings are not kept after a reboot.
My home backbone is gone each time when I start-up and that's really ennoying.
Bye,
Marc

 

[Barb Bowman]

you don't appear to have DHCP serving addresses to the computers. I
can't tell what you are doing to assign IPs to them. But that would
explain the discovery problem if auto addressing 169.254.xxx.xxx
addressing is kicking in.

Hi Barb,
Thanks for looking into my problem and for your advice.
Yes indeed, firewall will protect me.
Still, I do not understand why my settings are not kept after a reboot.
My home backbone is gone each time when I start-up and that's really ennoying.
Bye,
Marc

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

 

[Guest]

On both GB NIC for the home network (connected to the GB switch), I have set
fixed IP addresses (same subnet as the other XP's).
The FastEthernet NIC for public access is DHCP enabled and gets his address
from the broadband cable router.

All works ok when activated individual but not when activated simultaniously +
1: My home network is always discovered as 'unknown network'.
No option to change this (for example: Home (private network)).
2: My home network, changed to private network, is set back to public network
after restart.
3: The settings of my home network (network discovering/file sharing
enabled) are
turned off each time when I turn on my public network (internet access).
4: When I enable again network discovery/file sharing, because it is turned
of by
enabling the public network, I only have the option to enable it by
changing the
public into a private network.

Bye.

 

[Barb Bowman]

is the fast ethernet public NIC in a totally different subnet than
the internal segment? what is the addressing scheme from the router?
the static scheme/mask/gateway?

can you post full ipconfig /all outputs from the dual homed machine
in both a "working as I want" and a "non working" state?

also, is there anything interesting in any of the event logs?

On both GB NIC for the home network (connected to the GB switch), I have set
fixed IP addresses (same subnet as the other XP's).
The FastEthernet NIC for public access is DHCP enabled and gets his address
from the broadband cable router.

All works ok when activated individual but not when activated simultaniously +
1: My home network is always discovered as 'unknown network'.
No option to change this (for example: Home (private network)).
2: My home network, changed to private network, is set back to public network
after restart.
3: The settings of my home network (network discovering/file sharing
enabled) are
turned off each time when I turn on my public network (internet access).
4: When I enable again network discovery/file sharing, because it is turned
of by
enabling the public network, I only have the option to enable it by
changing the
public into a private network.

Bye.

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

 

[adrianp]

Hi MRB,

I am frustrated too by this Vista behaviour. Some days ago I have
posted a similar subject but answers are far from the subject.
It looks that noone is accepting that Vista has an issue: with more
than one NIC (or VPN connection) YOU CANNOT SET PER-CONNECTION
SETTINGS IN NS&C (sharing center).

If you have multiple networks access, one of them dictates the entire
system behaviour. Either all are seen as Public, and you cannot
discover computers in your neighbourhood, or you must turn them ALL to
Private, and all the Internet can play your music or read your files.

My case is even worse as I have a UTP cable connection to the Internet
and with no router I am completely exposed in the all-Private mode. So
I must "hide" the local intranet too. And on top of this, I have a VPN
to another site that I cannot use. For now, my only way to work on the
Vista computer is to plug in and out cables, connecting to the network
that I want to access at a certain moment.
And for yhe VPN, which goes over the Internet (WAN) connection, I can
never make it Private (without making the entire Internet Private!!)
***

I think I can help with your intranet discovery name. After some weeks
or blind-search, this is what I discovered.
In order to have a name attached to a connection, there must be a
device on that net able to provide one or some fixed settings that can
be used as an identifier. Once the connection has a name, settings
will be saved over power-ups and you can then use "Manage network
connections" to setup options.
Some examples that worked with me.
1. I have named my Internet (outgoing) connection after my provider
and the name was internally attached by Vista (I guess) to the outside
IP settings (fixed!). It automatically discovers it each time I plug
the cable in.
In your case just try to go to "Custimize" after you connect the cable
and type a name in the box above Public/Private options.
2. I have a wireless router+4 port switch and the name discovered by
Vista itself(!!) (when plugged on the LAN side of the router) is the
wireless SID (even if connected through cable).
3. Over VPN, Vista discovers the name of the domain from the remote
domain controller.

And something more. In the Firewall settings, you have the option to
set/clear the interface (connection) over which firewall is applied.
If you have safe connections, disable firewall on them. Vista will go
mad about this but ignore it. Automatic discovery/network map will
still not work but you can do other things, allmost as with a normal
OS.

Try some of those and see which works for you.
Maybe others can help with more documented settings.

 

[Guest]

Hello adrian(p),
Thank you very much for your input here.
I can only confirm what you stated bellow.
Up to now, I could not change the name of the discovered networks. The field
highlighted did not allow me to remove or change the name.
So, therefore I have taken out the internet NIC and replaced it with the
onboard wireless connection and look, as you stated, the name discovered is
that one of my wireless access router.
Once active, I can change the name also to anything I wish. And it keeps it
after a power-cycle.

For the intranet however, problem remains. I even replaced the onboard dual
NVIDIA with an add-on Intel Pro dual GB.
Again, network discovered is a type 'unknown network' and by default loaded
as public.
Altering to private and power cycle turns it again in public.
The field showing 'unknown network' is highlighted but does not allow
changing its name.

Once wireless internet connection comes on-line, all is turned back to
public and I cannot change the 'unknown' to private and keeping wireless to
public.

For Barb:
Here is the result of ipconfig:
The settings for my extranet are fixed. IP's 192.168.130.1 and -2, subnet
mask 255.255.255.0 and default gateway 192.168.130.0 for both.
The GB switch is unmanaged. I cannot define masks etc.
The broadband router is manageable and set to DHCP in the range 192.168.1.

Output:

Windows IP-configuratie

Hostnaam . . . . . . . . . . . . : pa
Primair DNS-achtervoegsel . . . . :
Knooppunttype . . . . . . . . . . : hybride
IP-routering ingeschakeld . . . . : nee
WINS-proxy ingeschakeld . . . . . : nee
DNS-achtervoegselzoeklijst. . . . : telenet.be

Ethernet-adapter LAN2:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port Server
Adapter #2
Fysiek adres. . . . . . . . . . . : 00-04-23-AC-33-57
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
IPv4-adres. . . . . . . . . . . . : 192.168.130.2(voorkeur)
Subnetmasker. . . . . . . . . . . : 255.255.255.0
Standaardgateway. . . . . . . . . : 192.168.130.0
NetBIOS via TCPIP . . . . . . . . : ingeschakeld

Ethernet-adapter LAN1:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port Server
Adapter
Fysiek adres. . . . . . . . . . . : 00-04-23-AC-33-56
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
IPv4-adres. . . . . . . . . . . . : 192.168.130.1(voorkeur)
Subnetmasker. . . . . . . . . . . : 255.255.255.0
Standaardgateway. . . . . . . . . : 192.168.130.0
NetBIOS via TCPIP . . . . . . . . : ingeschakeld

Adapter voor draadloos LAN Draadloze netwerkverbinding:

Verbindingsspec. DNS-achtervoegsel: telenet.be
Beschrijving. . . . . . . . . . . : Realtek RTL8187 Wireless 802.11g
54Mbps USB 2.0 Network Adapter
Fysiek adres. . . . . . . . . . . : 00-15-AF-05-D4-58
DHCP ingeschakeld . . . . . . . . : ja
Autom. configuratie ingeschakeld : ja
IPv4-adres. . . . . . . . . . . . : 192.168.1.101(voorkeur)
Subnetmasker. . . . . . . . . . . : 255.255.255.0
Lease verkregen . . . . . . . . . : woensdag 4 juli 2007 23:54:02
Lease verlopen. . . . . . . . . . : donderdag 5 juli 2007 23:54:02
Standaardgateway. . . . . . . . . : 192.168.1.1
DHCP-server . . . . . . . . . . . : 192.168.1.1
DNS-servers . . . . . . . . . . . : 195.130.130.161
195.130.130.1
NetBIOS via TCPIP . . . . . . . . : ingeschakeld

Tunnel-adapter LAN-verbinding*:

Verbindingsspec. DNS-achtervoegsel: telenet.be
Beschrijving. . . . . . . . . . . : isatap.telenet.be
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
Link-local IPv6-adres . . . . . . : fe80::5efe:192.168.1.101%12(voorkeur)
Standaardgateway. . . . . . . . . :
DNS-servers . . . . . . . . . . . : 195.130.130.161
195.130.130.1
NetBIOS via TCPIP . . . . . . . . : uitgeschakeld

Tunnel-adapter LAN-verbinding* 2:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #2
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
Link-local IPv6-adres . . . . . . : fe80::5efe:192.168.130.1%16(voorkeur)
Standaardgateway. . . . . . . . . :
NetBIOS via TCPIP . . . . . . . . : uitgeschakeld

Tunnel-adapter LAN-verbinding* 8:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #3
Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
Link-local IPv6-adres . . . . . . : fe80::5efe:192.168.130.2%20(voorkeur)
Standaardgateway. . . . . . . . . :
NetBIOS via TCPIP . . . . . . . . : uitgeschakeld

Tunnel-adapter LAN-verbinding* 12:

Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fysiek adres. . . . . . . . . . . : 02-00-54-55-4E-01
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
IPv6-adres. . . . . . . . . . . . :
2001:0:4136:e38a:1821:21c5:3f57:fe9a(voorkeur)
Link-local IPv6-adres . . . . . . : fe80::1821:21c5:3f57:fe9a%8(voorkeur)
Standaardgateway. . . . . . . . . : ::
NetBIOS via TCPIP . . . . . . . . : uitgeschakeld

The stuff about Tunnel is unknown to me. Seems to be MS stuff. Prefer not to
touch that right now.

I have read meanwhile pages and pages on 'how to' and do not find the answer.
Do I have to follow training to become a network expert ?
Is it not the OS vendors their work to keep it simple for home users, even
when they are interested to have something 'more' then standard ?

I am sceptic about a solution to come, no idea how long patience holds ...
Yep, before with XP I had time to 'use' the PC, although also then some
trouble with the onboard NVIDIA NIC's. Believe it's on purpose to feed the
forums :~)

 

[Barb Bowman]

so the machine has 3 NICs? two wired and one wireless? disable the
wireless in device manager. reboot. what happens?

Once wireless internet connection comes on-line, all is turned back to
public and I cannot change the 'unknown' to private and keeping wireless to
public.

--

Barb Bowman
MS Windows-MVP
http://www.microsoft.com/windowsxp/expertzone/meetexperts/bowman.mspx
http://blogs.digitalmediaphile.com/barb/

 

[ADI_RO]

Hi MRB

Back with some new discoveryes.

On your site, the only unusual thing is the Default gateway address
x.x.x.0
Usualy, this is the entire sublan address, as the x.x.x.255 is the
sublan broadcast address (first and last address in a subnet mask
scope - and yours is 255...0). Machines should have addresses between
1 and 254
If you have a gateway in he intranet, enter this address there. If not
leave it blank.
In your case I guess this computer is the bridge between LAN and WAN
(Internet) so no gateway should be set on intranet NICs, and on the
Internet NIC, set the gateway address of your provider. Other
computers in the intranet could use the Vista computer as default
gateway to access the Internet (if you enable Internet Connection
Sharing on the external interface). Don't worry about Tunnels, it's
Microsoft stuff.
It might be this offending setup that prevents Vista to "identify" a
network location. I have tryed different places and the "name" option
is always available.
You might also try to setup a DHCP server on the intranet and see what
happens. Fixed addresses can be resolved using "Reservations" in the
DHCP for the NIC's MAC.
Also consider to setup a workgroup name for the computer. Clearly
Vista does not have enough information to build the network location
unique identifyer and we do not know what it needs to do it. But as
long as you cannot set a name for a connection, it will always go
public and unknown.

Meanwhile I have resolved the Private/Public network discovery issue.
So even if you cannot name your network, try this next step in Public
profile. Also please promote this idea to others that might dig into
the same issue.

The key is in the firewall. If multiple network locations are
discovered (multihomed computers) Vista is always selecting the worst-
case scenario for ALL of them. So if a single location is Public,
Public firewall settings will be set on ALL interfaces. Crazy as it
seems, this is the way they choosed to do it.

Go to Administrative Tools -> Windows Firewall with Advanced Options.
The two groups of rules involved in computer browsing are File and
Printer Sharing and Network Discovery. There are some predefined rules
in those groups that you can edit.
In Outbound Rules you can Allow ALL connections as this will only make
others visible to you. If you do not want to browse outside intralan,
restrict the Outbound rules exacly as the Inbound ones.

Now for the Inbound rules.
In the general firewall settings you will set the default behaviour
for Inbound connections for the three profilesomain, Public and
Private. The default is to set all three to "Block connections that do
not match a rule"
It's OK.
For Outbound the default is to "Allow connections that do not match a
rule". So to restrict outside browsing you will have to define and
Enable rules that "Block connection" if Remote IP is not in the
intralan (only if you realy need to). If not, disable rules and the
default will let connections pass through.

Now go to Inbound rules and filter on File and Printer Sharing group.
Set a single instance for all rules in each connection type involved
in File and Printer Sharing (eg. NB_datagram In) for the Domain,
Public and Private locations.
Select one rule for each connection type, Enable it, set "Allow
connection", in "Advanced" check all three profiles and set the Remote
IP to the intralan subnet address (eg. 192.168.0.0/24 - meaning all
192.168.0.x addresses). Delete other rules (if they exist) for the
same connection type.
This will make your computer visible if browsing connections come from
computers in the allowed range.

Do the same with rules in the Network Discovery group.

Quit firewall settings and go to Network and Sharing Center. Try to
Enable File and Printer Sharing. Vista will complain about the Public
profile. Click on the option to turn F&PS ON for Public networks. It's
safe to do it because the firewall will only accept connections from
the IP range defined above.
That's it. Now regardless of the active profile, computer browsing
will pass through firewall and you will see your local computers and
they will be able to see you.

"View full map" will not work because the Public profile is still
active, but you can see computers near you in Explorer.

Have fun.