SimonMackay
04-25-2003, 05:54 AM
Hi everyone!
If you are adding a computer to a small network and want to have it use the network's non-Internet resources such as shared disks and printers, you have to do a bit of configuration of any personal firewalls that run on this system. This can only be done for clients that exist behind NAT routers or computers that are sharing the Internet connection.
You have to configure the firewall so that the client's "adaptor subnet" is treated as a "trusted" network. The "adaptor subnet" consists of the IP address and the subnet mask that the client's network adaptor is configured to; and could be set up manually or is usually obtained from the Internet gateway's DHCP server.
To achieve this in ZoneAlarm, click on the ZA icon in the SysTray and select the "Firewall" tab on the left hand side of the ZA window. Click on the "Zones" tab and you will see al list of "network zones". Here, you should see a reference to your network adaptor as well as other "virtual adaptors" like the PPP adaptor for Dial-Up networking and any VPN adaptors.
The adaptor associated with your small network will usually have an address that is within your network's addressing range. This is always in one of the IPv4 "private-IP" address ranges (10.0.x.x , 169.254.x.x (AutoIP) or 192.168.x.x). If this adaptor is showing "Internet" in the Zone column, click on the "Internet" word and there will be a "Internet / Trusted" drop-down. Now click on "Trusted" and make sure that it says "Trusted" in the Zone column for that adaptor. Close that dialog box by clicking OK and the adaptor's subnet will be treated as "trusted". Now you can use the shared disks or printers that exist on the network.
ZoneAlarm still will do its job by protecting your computer against attacks from outside the network and from Trojan Horses and questionable software that is implanted on the machine gaining access to the Internet to "report to home base".
Other personal firewalls can be set up this way to allow for use in small networks where there is an Internet gateway device.
If you are adding a computer to a small network and want to have it use the network's non-Internet resources such as shared disks and printers, you have to do a bit of configuration of any personal firewalls that run on this system. This can only be done for clients that exist behind NAT routers or computers that are sharing the Internet connection.
You have to configure the firewall so that the client's "adaptor subnet" is treated as a "trusted" network. The "adaptor subnet" consists of the IP address and the subnet mask that the client's network adaptor is configured to; and could be set up manually or is usually obtained from the Internet gateway's DHCP server.
To achieve this in ZoneAlarm, click on the ZA icon in the SysTray and select the "Firewall" tab on the left hand side of the ZA window. Click on the "Zones" tab and you will see al list of "network zones". Here, you should see a reference to your network adaptor as well as other "virtual adaptors" like the PPP adaptor for Dial-Up networking and any VPN adaptors.
The adaptor associated with your small network will usually have an address that is within your network's addressing range. This is always in one of the IPv4 "private-IP" address ranges (10.0.x.x , 169.254.x.x (AutoIP) or 192.168.x.x). If this adaptor is showing "Internet" in the Zone column, click on the "Internet" word and there will be a "Internet / Trusted" drop-down. Now click on "Trusted" and make sure that it says "Trusted" in the Zone column for that adaptor. Close that dialog box by clicking OK and the adaptor's subnet will be treated as "trusted". Now you can use the shared disks or printers that exist on the network.
ZoneAlarm still will do its job by protecting your computer against attacks from outside the network and from Trojan Horses and questionable software that is implanted on the machine gaining access to the Internet to "report to home base".
Other personal firewalls can be set up this way to allow for use in small networks where there is an Internet gateway device.