Re: XP Firewall blocking Linksys Print Server

From: Doug (dontcontactviaemail_at_not.com)
Date: 04/12/05 

Date: Tue, 12 Apr 2005 00:00:57 GMT

On Mon, 11 Apr 2005 19:24:02 GMT, Duane Arnold <notme@notme.com>
wrote:

>"normk" <nkatz1@yahoo.com> wrote in news:1113192879.265535.241190
>@f14g2000cwb.googlegroups.com:
>
>> I have a Linksys PPSX1 print server on a LAN with a PC running Window
>> XP SP1. When I turn on the the Internet Connection Firewall, printing
>> fails. I added an exception for port 9100. This didn't help. I also
>> noticed that the port numbers used by the print server differ on each
>> new printing attempt. I suspect the Windows Firewall is also blocking
>> IPX packets that this (old) Linksys print server wants to use. Am I
>> out of luck with the Windows Firewall and this device or does someone
>> know of a simple fix?
>>
>> Thanks!
>>
>>
>
>I cannot say that you're out of luck with the XP FW and accessing the
>print server. The part of the PS using different high ports may be an
>issue. In just looking at the rules that can be made with the XP FW, it
>may hard to accomplish. What you need is FW that will allow you to set
>rules for a private side LAN IP or range of IP(s) that the FW will allow
>traffic, assuming that the printer sever has an IP. That way you're not
>concerned about the port(s) the traffic is coming in on.
>
>If you're behind a router, then you should be able to use IPsec to
>protect the machine and set rules for LAN side IP(s). The AnalogX file if
>you implement it on the machine should give you a good foundation for
>setting-up LAN side IP(s) rules.
>
>http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
>http://www.analogx.com/contents/articles/ipsec.htm
>
>You can use IPsec or another PFW solution that will allow FW rules by IP
>to be given.
>
>I have a print server on my network and my laptop that has BlackIce
>installed has no problems with LAN side IP(s) behind the Watchguard FW
>appliance that issuing DHCP IP(s), because of LAN IP(s) rules that allow
>BI on the laptop to allow traffic flow.
>
>Duane :)
>
>

I normall post on top (top post), but since this thread followed
another path, I'll post here.... ;-}~

I am not sure your firewall will affect your IPX connectivity, but it
has been a long time since i have used Windows in an IPX
environment... however, if your print server is ONLY listening for
IPX connections, your port 9100 permission is not being used anyhow...

first course is to remove IPX from the linksys if possible... also,
remove (disable) the firewall from your PC and try to telnet to port
9100 on your printer... if you get connected, getter done! haha

some of what I just typed was (to a degree) already addressed in your
original post (I know) but I still felt like there may have been some
confusion w/ how this service works, so I posted it anyhow...

Also, the Windows native firewall also permits access by program, not
just port... you could enable the spool service to command any port it
likes if you prefer. Your print server, however, should NOT accept
print requests on any port other than 9100 unless other problems or
custom configs exist... your computer may request the connection to
your print server on a LOCAL port other than port 9100, but the target
port should alwasy be 9100....

on another note, like Duane suggested, the firewall is somewhat
overkill on your protected LAN... The only thing that is really
protecting you from on your LAN is local (internal) hackers (AKA,
nosey co-workers), or co-workers who are infected with worms or other
exploiting programs that may try to exploit you...

not much, but hopefull usefull.

thx,
redneck

Relevant Pages

  • Re: XP Firewall blocking Linksys Print Server
    ... When I turn on the the Internet Connection Firewall, ... I added an exception for port 9100. ... > IPX packets that this Linksys print server wants to use. ... protect the machine and set rules for LAN side IP. ...
    (comp.security.firewalls)
  • Re: How to GCC? - Bill Campbell/or anybody
    ... his end of the ssh connection. ... ssh extensions and commonly forward port 23 to localhost on the remote ... This allows me to use any terminal emulator on the Windows machine ... the LAN ip of the 3.2v4.2 system. ...
    (comp.unix.sco.misc)
  • Re: How to remote access Windows XP Pro computer?
    ... > I want to connect 2 computers, both are Windows XP pro. ... > firewall is sitting between the DSL and my home PC. ... > for 2 Windows XP pro PC at LAN. ... For Remote Desktop you only need TCP Port 3389 open on any firewall or router the work PC is behind. ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Port Forwarding through router to print server
    ... Windows Technologies - Printing & Imaging ... "soulssong" soulssong.2m7r1z@xxxxxxxxxxxx wrote in message ... attached an iogear GPS21U single port USB print server to the network ... I have gone into the router and enabled port forwarding to the IP ...
    (microsoft.public.windowsxp.print_fax)
  • Re: Port Forwarding through router to print server
    ... Windows Technologies - Printing & Imaging ... "soulssong" wrote in message ... attached an iogear GPS21U single port USB print server to the network ... I have gone into the router and enabled port forwarding to the IP ...
    (microsoft.public.windowsxp.print_fax)