Problems with acquiring or renewing the IP address

[Guest]

[Little Mac]

Toggie can you give the path to Services as I'm in Linux right now and I can't quote it off the top of my head. I think I know what it is but I don't want to get it wrong.

Go to Start/Run, type in "services.msc" (without the quotation marks).  (I'm not Toggie, but I was here...)

LM

[jasper2408]

Go to Start/Run, type in "services.msc" (without the quotation marks).  (I'm not Toggie, but I was here...)

LM

Excellent! That's the quickest way.

EDIT: Actually I always forget about those shorcuts.   

jasper

[Topsail]

I chewed on this problem for days. First the client couldn’t acquire or repair the IP address, then when I finally got that to work I found the client had lost its internet access, etc. In the end I gave up and put static IP addresses on the network, and now it works like a dream.

If anyone isn’t sure of the settings for static IP addresses, there’s a good walk-through by ‘Advil’ on the Tech Support Forum here:

http://www.techsupportforum.com/microsoft-support/windows-xp-support/117-windows-xp-home-network-help.html 

[Little Mac]

Thanks for the post, Topsail.  Glad that static IPs worked out well for you.  After all that, you could probably use some Advil (ibuprofen) yourself, eh? 

LM

[Eric Cryptid]

I finally figured out what was sending out IGMP messages that were being block. It was right under my nose... WINDOWS MEDIA PLAYER 11. I've disabled the IPMG under the NETWORK tab in WMP's settings...

Now if I could only figure out the:
Outbound Policy Violation
ICMP = Port Unreachable - Source: my ip - Destination: My router's DNS address:

DNS 1:  205.188.146.145

It's actually AOL's IP Address - See Below when googling the address:

WHOIS results for 205.188.146.145
Generated by www.DNSstuff.com
Location: United States [City: Reston, Virginia]


Using 15 day old cached answer (or, you can get fresh results).
Hiding E-mail address (you can get results with the E-mail address).


OrgName:    America Online, Inc
OrgID:      AMERIC-59
Address:    22080 Pacific Blvd
City:       Sterling
StateProv:  VA
PostalCode: 20166
Country:    US

NetRange:   205.188.0.0 - 205.188.255.255
CIDR:       205.188.0.0/16
NetName:    AOL-DTC
NetHandle:  NET-205-188-0-0-1
Parent:     NET-205-0-0-0-0
NetType:    Direct Assignment
NameServer: DNS-01.NS.AOL.COM
NameServer: DNS-02.NS.AOL.COM
Comment:   
RegDate:    1998-04-18
Updated:    1998-04-27

RTechHandle: AOL-NOC-ARIN
RTechName:   America Online, Inc.
RTechPhone:  +1-703-265-4670
RTechEmail:  *******[ at ]aol.net

# ARIN WHOIS database, last updated 2007-05-16 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database
 
Eric

[Toggie]

Ericegan.

I'm glad you found the source of the IGMP messages, I had a feeling it was going to be mediaplayer.

With regard to the ICMP messages, you might want to check this thread:

Router messages

[Little Mac]

Probably part of your connectivity, based on AOL being your ISP...  If you've got their software installed (and if it's AOL, you probably do), it may be pinging outbound as part of its process.  CFP is blocking it as you've likely taken such allowances out of the Network Monitor, thus it's a Port Unreachable...

LM

[panic]

For Australian users of the "Unwired" wireless broadband :

If you are having constant disconnections when CFP is running, you will need to add additional rules to the Network Monitor to allow your wireless modem to allocate/reallocate an IP address to your PC. You will need to know the IP address of your DHCP server.

This can be determined by opening a command line window (click START - RUN and enter CMD) and entering "ipconfig /all". This will display the current IP configuration, including the DHCP server address. Make a note of this address.

As the firewall has to be turned ON to make changes, but you are getting disconnected when the firewall is on, you will need to set the firewall to ALLOW ALL before connecting to the internet. Once connected to the internet, run the IPCONFIG command shown above and record the DHCP details. Disconnect from the internet by turning the modem off and then set the firewall back to CUSTOM so we can make changes.

The two rules are as follows;

Action : ALLOW
Protocol : TCP or UDP
Direction : IN
Source IP : IP ADDRESS OF YOUR DHCP SERVER
Destination IP : ANY
Source Port : ANY
Destination Port : ANY

Action : ALLOW
Protocol : TCP or UDP
Direction : OUT
Source IP : ANY
Destination IP : IP ADDRESS OF YOUR DHCP SERVER
Source Port : ANY
Destination Port : ANY

These two rules need to be moved to position 0 and 1 in the Network Monitor

You will also need to skip local loopback connections to allow the Unwired supplied "Venturi Configurator" to run. These options are found in SECURITY - ADVANCED - MISCELLANEOUS.

You should now be able to turn the Unwired modem back on and consistently connect to the internet with CFP set to CUSTOM.

Many thanks to rabbit_fighter for his persistence in helping to track this down (and no thanks to the support staff that were supposed to contact me but didn't. ).

Hope this helps,
Ewen :-)

[Eric Cryptid]

Ewen,
    Trying out your rules to see if it resolves my DCHP IP Renewall messages. With the exception of the loopback and using my DNS IP Address 205.188.146.145... Fingers crossed anyway...

[panic]

Cool Eric, let me know how they work out.

Ewen :-)

[ocasional]

Hello!

I've read all this thread, since this is my problem saw no need opening a new topic, hope I did right.
CPF is installed in this machine since January and always run perfectly with standard settings till 2weeks ago.
At first I thought it was an ISP problem, connection going down frequently (each one or two hours) and difficult reconnection after, or at system startup. But my ISP assures if there is a problem, it is in my PC.
I have a direct connection through net plate/cable modem. If I switch off cable modem after system shutdown, reconnecting becomes more difficult afterwards. IP release/renew or repair connection is useless, all I can do is wait till connection aquires itself. Allow All or shutting down CPF doesn't work as well, but noticed that disabling Protocol Analysis helps reconnecting after reboot. Although I am not so comfortable disabling Protocol Analysis, is it safe? Added one new rule allowing DHCP and DNS IP servers in or out, on UDP connections to port 67-68, but did not seem to work, and I'm not comfortable with that either, not knowing if it's a safe rule.
I send my log (did not add the rule yet) and it seems to me the problem relies in that IGMP access denied (don't know what it is). You can see at 19:06:31 hours and afterwards, the time I caught income traffic and got my IP and access.

Could you please help me configure CPF correctly?
Is it right to disable Protocol Analysis since I didn't have any trouble till now?
Should I try reinstall CPF?
Please ask for any other information you might need.
Sorry for my bad English.

Any help is appreciated, thank you.

Best regards,

Alex

[Little Mac]

Welcome to the forums, ocasional 

Since you have been using CFP for a while, my guess is that your ISP may have changed something on their end so that the process is a little bit different now.  You could ask them, but there's a good chance the answer would not be very revealing...

If you shut the modem off after you shut down the system, it will take a while for it to come back online after reboot; the modem has to recalibrate each aspect of the connection; I don't find that to be unusual.  This process can take a few minutes (I have to go thru this as well), and until it's done, there isn't anything you can do to connect (because the connection isn't active yet).  But that only addresses the bootup issue.

For the frequently-dropped connection, I would expect that as part of the changes, there is a new level of interaction between your computer and ISP's servers, regarding your connection.  If disabling Protocol Analysis doesn't make a clear and immediate difference in your connection issues, I would not personally disable it; too much reduction in protection for not enough increase in connectivity = not a good trade-off. 

You may need to create some specific network monitor rules to allow DHCP to take place.  One of the default network rules is Allow TCP/UDP Out Any Source/Destination IP/Port.  That should take care of the outbound request.  However, you may need to create a specific In rule for DHCP.  If the IP address of the DHCP server is a single static IP, I would start this way...

Open Network Monitor.  Right-click the top rule (Rule ID 0) and select Add/Add Before.
Action:  Allow
Protocol:  UDP
Direction:  In
Source IP:  (the DHCP server IP address) - if it's not static, you may set to 'Any'
Destination IP:  Any
Source Port:  67
Destination Port:  68

Another option with the DHCP server IP address is to find out from your ISP if they have a series of servers (ie, a Range of IP addresses that are in use).  Then instead of a single IP, or Any in that rule, you would select a Range of IPs to use (which would encompass the addresses they give you).

Hope that helps,

LM

[ocasional]

Thank you Little Mac, sincerely, I think once more it is an ISP issue, because other users are complaining about the same thing, although I seem to be the only one in my area cell.
Enabled Protocol Analysis back on, today I've waited almost 50 minutes to get connection and that item was disabled so, it wasn't a solution after all.
Most of the times I shut off the modem after the PC, and turn it on before the PC. Usually the leds take no more than 15 seconds to stop blink and stabilize, and when all (43)processes are finally running there used to be already a valid IP.
Changed my rule for your rule, I had DHCP server IP as Destination IP, not source IP, my mistake. I think it's static, it's been the same for quite some time but I'll check it out with ISP as well as if there was any change on their end. I believe answer won't be revealing at all (we have outer world ISP's stuff, no matter which ISP  ), but it's worth the try. I'm just afraid to call in the technicians, cause if they detect that everything is ok, the cost will be high at the end of the month for calling them.
I know I should have tried a system start-up with CFP service disabled, that will be tested tomorrow. Just considering all the possibilities, and if new rule does not solve, next I'll "take a look" at net plate drivers, just in case. I'll share results afterwards.

Once again, thanks very much 

Best regards, 
Alex

[Little Mac]

Alex,

I realize I did not comment on this in my reply, but should have... you noted earlier that changing the FW Security Level to Allow All did not change the connection/DHCP scenario. 

Typically this indicates that it is not an issue with CFP, as Allow All pretty much disables any protection the FW might offer, thus taking it out of the picture entirely.

I would suspect a previous firewall having left residual traces that were interfering, or some active security software running during install, except that you have been using it successfully up until this point. 

This then points to some other change... Have you had any updates or changes, especially to hardware, drivers, etc?  NIC firmware update, or your modem?  There has to have been some event which triggered this problem.  Most likely it's local, although it could be remote (ie, something on your ISP's end).  And I agree; don't want to call the techs in if you don't have to - they will surely find some way to 'prove' it's not their problem, and leave you holding the bill...

LM

 

[ocasional]

Hi Little Mac,
Yes, Allow All does not help to establish connection. And today I started the system with CFP start-up disabled so, definitely I guess it's not a firewall issue. Took 10 minutes to acquire IP. I posted here because I saw this topic, sorry I was wrong. Anyway, I'll leave the new rule untouched for the time being, and wait for ISP's technical support contact.

Had no updates of hardware or drivers, no new software, just updates to Anti-Virus and Anti-Spy/Anti-Malware software (lucky, never caught one). I know that the ISP injects a jar file in the system (or in the modem, don't know) with configuration settings (like up/downstream bandwidth), but that is done silently and I have no idea where the file is allocated, or when they last updated it. And that's it.

ISP is making changes in their lines, and number of users with the same problem is increasing (haven't read of anyone in my area yet though). They usually do this kind of work without any warnings, and tend not to take responsibility when clients get hanged. I'll have to wait and hope situation gets back to normal on short time. Number of times connection drops-out decreased a lot, that's already a good sign 

Thank You very much for your help support LM 

Best regards,
Alex

[Tags:]