New router blues

[austro]

Last night I swapped out my old Linksys 11g access point/router for a new Cisco/Linksys 11n one. The supposedly idiot-proof setup software wasn't, so it took a little while to pick up the pieces. But after a couple of hours I got things set up so that the network is WPA2-enabled, and all three machines at home have network access.

That's the good news. The bad news is that none of the machines can see one another, which is tough on my file backups and shared printing. I can look at the DHCP client table on the router and see all of the machines, but if I try to ping them by IP address I always fail. At least the problem is symmetrical: pings from all three machines fail. This stuff all worked fine up til 6:30pm last night when I swapped out the router, so it's pretty obvious that the setup software changed some settings somewhere, but I'm at a loss to figure out what.

Has anybody else encountered a similar problem before?

[Lurch]

Last night I swapped out my old Linksys 11g access point/router for a new Cisco/Linksys 11n one. The supposedly idiot-proof setup software wasn't, so it took a little while to pick up the pieces. But after a couple of hours I got things set up so that the network is WPA2-enabled, and all three machines at home have network access.

That's the good news. The bad news is that none of the machines can see one another, which is tough on my file backups and shared printing. I can look at the DHCP client table on the router and see all of the machines, but if I try to ping them by IP address I always fail. At least the problem is symmetrical: pings from all three machines fail. This stuff all worked fine up til 6:30pm last night when I swapped out the router, so it's pretty obvious that the setup software changed some settings somewhere, but I'm at a loss to figure out what.

Has anybody else encountered a similar problem before?

It's been a while, but I went through 3 or 4 linksys products back before dsl and cable modems started including a wifi network onboard.  With every one, the first step was to download the lastest firmware for the device itself, and the drivers for the wireless cards on your pcs.  The seemed to do a lot of "field testing" of their products (ie, you are their QA department).  I'd start there

[Noe]

Last night I swapped out my old Linksys 11g access point/router for a new Cisco/Linksys 11n one. The supposedly idiot-proof setup software wasn't, so it took a little while to pick up the pieces. But after a couple of hours I got things set up so that the network is WPA2-enabled, and all three machines at home have network access.

That's the good news. The bad news is that none of the machines can see one another, which is tough on my file backups and shared printing. I can look at the DHCP client table on the router and see all of the machines, but if I try to ping them by IP address I always fail. At least the problem is symmetrical: pings from all three machines fail. This stuff all worked fine up til 6:30pm last night when I swapped out the router, so it's pretty obvious that the setup software changed some settings somewhere, but I'm at a loss to figure out what.

Has anybody else encountered a similar problem before?

Sounds like the default setting on the router must be set to manual on the MAC address inclusion.  I'd start there.

[Noe]

Sounds like the default setting on the router must be set to manual on the MAC address inclusion.  I'd start there.

Oh wait, I just re-read your post.  The problem is the three machines can't see each other, not that you're having router connection problems... is that correct?

[austro]

Oh wait, I just re-read your post.  The problem is the three machines can't see each other, not that you're having router connection problems... is that correct?

Correct. It's very confusing; I've never seen anything like it.

[Waldo]

Which Linksys router is this, specifically?  You may want to consider installing a third-party firmware such as DD-WRT.  I have always had better luck with those than with the factory Linksys firmware.

This thread may also be of some help.

Also, are your computers running Vista or 7?  If so, swapping the routers probably made the computers think that they were on a different network, and may have defaulted the connection to a "Public" network (instead of "Home" or "Work").  With Public networks, Vista/7 firewalls itself from any other computers on the network.

[austro]

Which Linksys router is this, specifically?  You may want to consider installing a third-party firmware such as DD-WRT.  I have always had better luck with those than with the factory Linksys firmware.

This thread may also be of some help.

Also, are your computers running Vista or 7?  If so, swapping the routers probably made the computers think that they were on a different network, and may have defaulted the connection to a "Public" network (instead of "Home" or "Work").  With Public networks, Vista/7 firewalls itself from any other computers on the network.

It's an E2000. I may wind up going with third-party firmware if only because I think that will let me crank up the antenna power: in spite of the advertising, this one seems to have a weaker signal than my old WRT54G.

All three machines are running XP Pro. The Windows firewalls are all disabled because they're runnng McAfee firewalls, but perhaps those have the same issue. I poked around in the settings for that firewall the other night, but I didn't see anything obvious. I'll go look around some more.

[austro]

Ok, for some reason the McAfee firewall settings were set to disallow ICMP pings. I enabled that, and now I can ping the various machines from a cmd shell (using both IP address and hostname). I still can't get to shared folders, but I imagine that's going to have something to do with the discovery service being screwed up. I'll work on that next.

[S.P. Rodriguez]

Ok, for some reason the McAfee firewall settings were set to disallow ICMP pings. I enabled that, and now I can ping the various machines from a cmd shell (using both IP address and hostname). I still can't get to shared folders, but I imagine that's going to have something to do with the discovery service being screwed up. I'll work on that next.

Late to the game.  You may have to unconfigure/reconfigure your file sharing settings within your home network.  I had the same problem but no router change.  Just glitchy XP....

[Gizzmonic]

Any luck?  If all else fails, try setting your devices to use a manual IP.  PM me if you need more details on how to do that.

[austro]

I eventually wound up checking the McAfee firewall settings on the various machines. None of them were allowing ICMP ping requests, so when I fixed that I was finally able to ping machines from one another, but Windows was still fubar. Then I went and looked at the allowed/disallowed hosts entries in the firewalls, and they were all weird (including multiple conflicting entries for my local subnet), so I cleared all of them out, made the local subnet trusted, etc. That made the McAfee view of the network map correct (i.e., each machine could see all of the other hosts), but Window sharing was still not working.

Finally, fed up with all of that shit, I just disabled the McAfee firewalls, and bingo! everything was fine. For now, I'm leaving things like that until I get some more time, my rationale being that the firewall in the router should protect me from bad guys outside my subnet, and everything inside the subnet is trusted anyway, so if some malware gets in there it's going to eat my lunch anyway.

The big mystery here is how things were working before I swapped routers. It seems unlikely that the Cisco/Linksys installation software was smart enough to figure out that I had the Windows firewall disabled and the McAfee firewall enabled, and then use some McAfee API to change McAfee firewall settings. (Maybe those firewalls plugin into some generic service, so that clients don't need to know exactly what implementation is running.) Based on the various changes that I had to make, it seems like I should have been equally screwed up before the swap. But I wasn't, so there's obviously more to this story than I understand at this point.

[Guinness]

Finally, fed up with all of that shit, I just disabled the McAfee firewalls, and bingo! everything was fine. For now, I'm leaving things like that until I get some more time, my rationale being that the firewall in the router should protect me from bad guys outside my subnet, and everything inside the subnet is trusted anyway, so if some malware gets in there it's going to eat my lunch anyway.

This is sound thinking.  If you want to verify that your external firewall is doing its job, go to Shields Up for a test.  I've not used Windows firewall or any software fw on personal networks and I've ever had any problems.

[Noe]

My oldest son has not learned how to keep himself out of harms way when it comes to downloads.  I'm always having to deal with malware and trojan viruses with him.  But with three laptops and a host machine, all connected to each other through Windows 7, this has become an increased worry for me.  I use McAfee on two of the laptops and on the host machine.  The other laptop uses Symantec (it's my work machine, so I didn't get to chose the virus protection).

So the other day my son tells me that McAfee caught a trojan virus that was trying to invade one of the laptops and quarantined it (and then deleted it because it was very malicious).  I, of course, asked him what he was doing at the time and of course the answer was "nothing... just downloading some stuff for a game... from *this* site that... you know... some guys..."  Say no more sez I and was glad that McAfee took care of the problem.

So two days later, I fire up the second laptop to do some work and lo and behold the same trojan attacks that laptop, only this time it gets through Symantec and infiltrates my machine.  Nothing I can do to get rid of this vicious virus but to do a restore point on Windows 7 and restart in safe mode to have Symantec kill the sucker.  Bottomline, I'd like to have all machines on the same virus protection (and have a five license copy from McAfee to do so), but it just didn't work as planned with Symantec on watch with the other machines.

[Guinness]

My oldest son has not learned how to keep himself out of harms way when it comes to downloads.  I'm always having to deal with malware and trojan viruses with him.  But with three laptops and a host machine, all connected to each other through Windows 7, this has become an increased worry for me.  I use McAfee on two of the laptops and on the host machine.  The other laptop uses Symantec (it's my work machine, so I didn't get to chose the virus protection).

So the other day my son tells me that McAfee caught a trojan virus that was trying to invade one of the laptops and quarantined it (and then deleted it because it was very malicious).  I, of course, asked him what he was doing at the time and of course the answer was "nothing... just downloading some stuff for a game... from *this* site that... you know... some guys..."  Say no more sez I and was glad that McAfee took care of the problem.

So two days later, I fire up the second laptop to do some work and lo and behold the same trojan attacks that laptop, only this time it gets through Symantec and infiltrates my machine.  Nothing I can do to get rid of this vicious virus but to do a restore point on Windows 7 and restart in safe mode to have Symantec kill the sucker.  Bottomline, I'd like to have all machines on the same virus protection (and have a five license copy from McAfee to do so), but it just didn't work as planned with Symantec on watch with the other machines.

We had similar problems when we had teens, but I just took the URLs and blocked them one by one;  luckily, at the time we only had 2 desktops that the kids would use, and I would just edit the HOSTS file,  pointing the offending URLs to 127.0.0.1.  Of course, that was 10 years ago and download sites and attacks weren't quite as ubiquitous as today.

[Waldo]

It's an E2000. I may wind up going with third-party firmware if only because I think that will let me crank up the antenna power: in spite of the advertising, this one seems to have a weaker signal than my old WRT54G.

Looks like the most popular firmwares (DD-WRT, OpenWRT, Tomato) don't support the E2000.  Besides, boosting the antenna power too much could shorten the lifespan of the router.

So two days later, I fire up the second laptop to do some work and lo and behold the same trojan attacks that laptop, only this time it gets through Symantec and infiltrates my machine.  Nothing I can do to get rid of this vicious virus but to do a restore point on Windows 7 and restart in safe mode to have Symantec kill the sucker.  Bottomline, I'd like to have all machines on the same virus protection (and have a five license copy from McAfee to do so), but it just didn't work as planned with Symantec on watch with the other machines.

I have had the absolute worst experience with Symantec Endpoint Protection.  Corporate IT loves it because of the easy centralized management (same reason I bought it for our network) but in the last two years I have had to deal with more crippling infections than I can count.  Not even safe mode helped because the malware had corrupted the Symantec software itself.  On most machines I just installed the trial edition of Avast, started a boot-time scan, and walked away.  A few hours later, I would go check, the infections would be gone, and Two computers were so far gone that I couldn't even install Avast and had to reformat them.

I'm switching to Avast Enterprise Suite next month.

[Noe]

I have had the absolute worst experience with Symantec Endpoint Protection.  Corporate IT loves it because of the easy centralized management (same reason I bought it for our network) but in the last two years I have had to deal with more crippling infections than I can count.  Not even safe mode helped because the malware had corrupted the Symantec software itself.  On most machines I just installed the trial edition of Avast, started a boot-time scan, and walked away.  A few hours later, I would go check, the infections would be gone, and Two computers were so far gone that I couldn't even install Avast and had to reformat them.

I'm switching to Avast Enterprise Suite next month.

That is exactly the problem I had with Endpoint.  I was really disappointed how it basically did nothing.  I thought this trojan was going to force me to do some serious work.  Luckily having Windows 7 and having a resore point that wasn't too far off (about a month) allowed me to do some restore of some registry work and then have Symantec do it's job.  With McAfee, it was so much more comprehensive... it caught the trojan and quarantined it right away.

[Waldo]

Luckily having Windows 7 and having a resore point that wasn't too far off (about a month) allowed me to do some restore of some registry work and then have Symantec do it's job.

Good to hear restore points work better in Windows 7.  All but two out of over 100 machines at work run XP, and any malware I ever had to deal with ate the restore points for lunch.

By the way... next time you get a malware infection and system restore doesn't work, a handy tool called Autoruns can usually help you identify it, whether it's embedded in the system, IE, etc.  It's saved my bacon on a few occasions.