Files2Phones Logo PC2Me Logo

FAQ - Firewalls

Document number: faqF
Copyright (c) 2001-2008 1stWorks Corporation. All rights reserved.

About Firewalls and Security Software

Your firewall, security or privacy software may prevent you from connecting to the 1stWorks Network .

For information about specific firewalls, see:

Firewalls Routers
Agnitum Outpost
Etrust EZFirewall
Iolo Firewall and System Mechanic Professional
Kaspersky Internet Security and Kaspersky Anti-Virus
McAfee Security
NetDefense (V-Com)
Norman Personal Firewall
Norton (NIS, NPF)
PCSecurityShield (The Shield Deluxe)
Rogers Yahoo! Online Protection
SystemSuite (V-Com)
Trend Micro PC-cillin
Windows XP Firewall
Zone Alarm
Cayman
D-Link
LinkSys
Other Configurations that may block connections

BorderNet (2-way satellite)
Directway Satellite
Ositis WinProxy Firewall (Starband dish satellite)

What to do

If you can't connect to the 1stWorks Network (your Files2Phones Access Server stays Signed-Out):
  • Set your firewall to a Medium security setting that allows outgoing TCP connections through all ports, to any computer. This is often the default setting for personal firewalls and routers.

  • If the firewall product challenges Files2Phones Access Server or F2P, choose to always allow it.

    Note: Expect your firewall product to challenge Files2Phones Access Server again after every Files2Phones Access Server update.

Online Direct (peer-to-peer)
If you are planning to use Files2Phones Access Server in a Online-Direct (peer-to-peer) connection, configure your firewall to:

  1. Allow outgoing TCP connections through all ports, and
  2. Also allow incoming TCP connections through one of the Files2Phones Access Server ports. Forward the connections that come in through that port to the computer that is running Files2Phones Access Server.

    See: Connecting Online Direct.

Security

1stWorks Corporation is aware that there are many viruses spread through open ports on computers and has taken significant precautions to filter any non-Files2Phones Access Server messages to its open ports. Messages are not stored on the computer stack and therefore are not susceptible to execution upon overflow. If Files2Phones Access Server receives incorrectly formatted transmissions it immediately closes the inbound ports and, if the sender is HTTP, returns an error to the sender.

How do I configure anything else?

Most router / modem / firewall manufacturers have websites that include answers to the question: "How do I open ports?" Often, the questions are asked by online gamers, so the questions might look like this: "How do I play (game name)?"

The words differ from vendor to vendor.

In general, to find information:

  1. Find the website for the manufacturer of your router / modem / firewall.
  2. Go to their Support area.
  3. Find their FAQ (frequently asked questions) or Knowledgebase.
  4. Search for any of these: "ports", "online gaming", "ICQ", "Netmeeting". Usually, you can find information on how to open up ports. In some cases, the information tells you what to do, but you need to look in the User's Manual to find out how to do it.

Agnitum Outpost firewall

The Agnitum Outpost firewall can prevent you from connecting from some rooms. If you get a "Referer Error while connecting to room" message, you can configure the firewall to eliminate the problem.

The following information is from Agnitum: http://www.agnitum.com/support/kb/article.php?id=1000098&lang=en

Some sites require that all or several of its active content elements be allowed to run for their pages to display or function correctly. If you make the settings for all sites very restrictive, you can experience the following problems: images not being displayed, a web page not showing at all, a web page displayed incorrectly or some useful services contained in applets not working. If this happens with only a few sites, add those sites to the exclusions lists of the Active Content and Ads plug-ins.

For the Active Content plug-in:

1. Right-click the Active Content plug-in name in the left panel of Outpost's main window and select Properties on the shortcut menu.

2. Select the Exclusions tab and click Add.

3. Specify the site address, for example, www.agnitum.com, and click OK. [For Files2Phones Access Server, the site address is the relay server your room is on, such as: relay.ezpeer.net or relay10.ezpeer.net or DLR1.ezpeer.net]

4. Specify the settings for that site and click OK. [For Files2Phones Access Server, click on Referrers and click Permit.



If this does not resolve the problem, please follow the instructions at http://www.agnitum.com/support/kb/article.php?id=1000106&lang=en

Bordernet 2-way satellite

Files2Phones Access Server interprets the BorderNet connection as a proxy server, and sets itself to be Online-Tunnelled. Users are able to connect, but find that audio is broken, they may have difficulty sending and receiving typed messages, and other symptoms of a poor connection.

Bordernet has some similarities to a proxy server, but you can set up exceptions so that you can connect directly to the Files2Phones Access Server servers.

From a customer: "The exceptions are the exceptions to going through the proxy server. This is what the Bordernet people suggest trying since it would mean that the server would be going straight to the site and not through a proxy."

We gave him a list of addresses to put into Bordernet as exceptions. Then, in Files2Phones Access Server, he clicked the Online-Tunnelled message, checked Directly, clicked OK, closed Files2Phones Access Server, waited 20 seconds and restarted Files2Phones Access Server.

The addresses we gave him were:
   relay.ezpeer.net
   relay-server.ezpeer.net
   vns2.Files2Phones Access Server.com

where relay-server is the Files2Phones Access Server relay his room is on.

Etrust EZFirewall

EZFirewall is a branded version of Zone Alarm Pro. Please see our instructions for
  • Zone Alarm.

    Note that if you are trying to set Private Header Information (Referer), you must use the instructions for adding a specific site to the Privacy Site list.

    Information about EZFirewall is at www.my-etrust.com.

    Iolo Firewall and System Mechanic Professional

    10/5/07 - we are currently working with Iolo technical support to determine how to configure the Iolo Firewall and System Mechanic Professional 7 to allow Files2Phones Access Server to connect successfully.

    Unfortunately, until this issue is resolved, you cannot run Files2Phones Access Server while the Iolo product is installed. You must uninstall Iolo in order to run Files2Phones Access Server.

    1/21/08 - If you uninstall Iolo, and you still can't connect with Files2Phones Access Server, please see instructions from Iolo on how to remove remnants of their software, in the FAQ DBA-01964 - I can't establish an Internet connection after uninstalling System Mechanic 7 Professional or iolo Personal Firewall, at http://www.iolo.com/customercare/kbarticle.aspx?id=KBA-01964

    Norman Personal Firewall

    This information comes from http://www.norman.com/Support/FAQs/Norman_Personal_Firewall/17734/en-us, through the following path: Support » Frequently Asked Questions » Norman Personal Firewall » What is a referrer, and how do I stop referrer blocking?

    What is a referrer, and how do I stop referrer blocking?
    Whenever you click on a link to go to a new web page, your browser automatically tells the new web site where you came from. This URL of the page you came from is known as the "referer" and is passed in a hidden part of the conversation between your browser and the web server providing the new page. This can be deemed to be an invasion of your privacy.

    To disable referrer blocking, right click the NPF icon in your system tray and choose Block referrer and then choose No. This should resolve the problem you are having.

    PCSecurityShield (The Shield Deluxe)

    10/12/07 - The Shield Deluxe

    The Shield Deluxe includes firewall features and is powered by Kaspersky. Please follow the directions in our article on Kaspersky for configuring The Shield Deluxe to allow both the initial connection to our location server and the secondary connections to the Files2Phones proxy servers, at http://www.myf2p.com/guide/firewalls/faq_kaspersky.asp.

    Like Kaspersky, The Shield Deluxe asks if you want to allow Files2Phones Access Server to access the Internet. You give it permission, and Files2Phones Access Server makes the first connection, to our location server. Then, like Kaspersky, The Shield Deluxe blocks Files2Phones Access Server from making the second connection to the proxy servers.

    If you do not want to make a permanent configuration, you can pause The Shield Deluxe temporarily while Files2Phones connects. Once you have connected to the room successfully, you can re-enable The Shield Deluxe.

    For more information on PCSecurityShield, see http://www.pcsecurityshield.com.

    Rogers Yahoo! Online Protection

    Rogers Yahoo! Online Protection includes Norton Personal Firewall 2006 Please see our instructions for
  • Norton firewalls.

    Please see the Rogers tutorial for accessing the Norton Personal Firewall at http://help.yahoo.com/rogers/tutorials/olp2/firewall1.html.

    Trend Micro PC-cillin

    From a customer:

    PC-cillin users may keep losing the Files2Phones Access Server connection unless you configure PC-cillin as follows:

    1. Open PC-cillin
    2. Go to AntiPhishing & content protection
    3. Un-check Filter Access to Web Sites
    Information about PC-cillin is at www.pccillin.com.



    Top