Automatic detection of private networks NOT working

Hi,

Our main PC currently runs Windows 7 x64. It is connected to the internet via ethernet to a cable modem (120Mbps down, 12Mbps up). As such the PC is assigned the WAN IP for that cable connection (82.xxx.xxx.xxx). Using that connection, the PC runs OpenVPN to tunnel to my paid-for VPN service and is assigned a 10.xxx.xxx.xxx IP address. The PC also runs Connectify which uses a spare Wireless N dongle to act as a Wireless Access Point (WAP) so that our local wireless devices (phones, tablets, laptop) can share the main PC’s internet connection. The software WAP issues local IPs in the 192.168.203.xxx range.

After installing CIS I have not seen a single network detection dialog. I need CIS to detect the three networks (main cable WAN, VPN network and local WAP network) so I can set up individual rules for these zones. I want the WAN and VPN zones to be effectively public networks with no incoming connections allowed (except whitelisted apps such as P2P), and for the local WAP network to function as a LAN as it should - allowing my local devices to talk to each other without being open to access from the internet.

Unfortunately no matter what I do CIS refuses to pop up any network detection dialogs. I’ve checked in advanced settings that Enable automatic detection of private networks is enabled (and it is so). I’ve rebooted several times which did nothing, and I’ve also manually disconnected all networks, then re-connected individually to give CIS a chance to detect them - and nothing happens. Does anyone have any ideas that can help? The User Manual and help section proved useless in this instance.

Many thanks in advance.

which version of CIS are you using?

The latest available, 6.3.302093.2976
Thanks. :slight_smile:

EDIT: Attached screenshots to show the networking map, which is simply my PC and it’s WAN (cable) IP address with no other networks showing. That was put there by CIS automatically though only loopback shows in the network zones options screen. Hitting refresh doesn’t change anything. The ‘intrusions’ shown are simply local traffic from the local WAP the PC runs, which are being blocked by CIS because it hasn’t asked to add the networks and hence is treating them as ‘foreign’ and blocking them.

[attachment deleted by admin]

Adding a new reply rather than adding edits to edits etc… Just thought, but does the red ‘x’ in the CIS network graphic mean network issues or no connectivity perhaps? Only asking because due to my network setup Windows 7 itself is confused and shows a red ‘x’ also. I’m wondering if CIS takes its network info from Windows rather than looking for itself, maybe that’s why it’s not popping up dialogs because it thinks the machine is offline? That would explain why it also fails when I try to lookup files online or submit files - it just says not found. I’m guessing it thinks the machine is offline so won’t even try?

I installed ZoneAlarm (after removing CIS) last night to test it, and it automatically added three networks for me out of the box. One, my cable connection (Public), one the VPN (public) and one the WAP (local, trusted) and its DHCP server (local, trusted). Unfortunately ZA is a hog and not great at protecting these days so I’m back on CIS and wanting to get it working. Thanks again for any help and advice. :slight_smile:

[attachment deleted by admin]

I timed out responding before I saw your edit… sorry. But I’m glad you upped the pics because it answered my first question. Now, as far as the (red x) in your second pic, I only get that screen in the event I turn on a pc without having establishing connection to a network. My second question is this, in your first pic, this is the *Main interface, click on the green arrow towards the top right side of the box to flip it and show the *Task Interface. Then click on Firewall tasks, then open advanced settings, then click security settings, then Firewall, then Network Zones… anything appear in the box to the right?

Just ‘loopback zone’. I did mention this above but you must have missed it in the edits etc. My apologies. :slight_smile: I’ve been using CIS (and CAV and CF before it) for years now, and this is the first time I’ve had this issue. What you said about CIS indicating no network confirms what I thought about it likely taking its network info from Windows rather than looking for itself.

I am obviously on a working network or I wouldn’t be posting here. :slight_smile: Because the PC is running three networks (cable WAN, VPN tunnel on that connection, and the WAP LAN) Windows - and hence, it appears, CIS - are becoming confused. All available networks have IP addresses and are online but as you saw in the screens Windows (and CIS) think there’s a problem with network connectivity when there isn’t.

I meant to say that I was merely thinking aloud here in hopes we could figure this out, but after my initial time out I didn’t include it in my re post. I’m curious though.

In your interface where it shows loopback zone only, mine shows loopback zone and under it additional zones which cis picks up upon establishing connections to networks. In this area tho, I’ve noticed you can add zones and specific ip’s, and I was only wondering if you could add those zones you wish to ie. 82.xxx.xxx.xxx / 10.xxx.xxx.xxx / 192.168.xxx.xxx etc., and then apply the rules you want to them (me thinking it would help detect the zones you wish to be detectable and already have the rules you wish applied when you establish those connections)

Reason I mention that is I had an issue with network sharing before between different OS’s with different CIS versions on the same network, and I added specific ip’s in the network zones tab (where yours says loopback zone), and I’ve not had a sharing issue since doing that.

Unfortunately due to a sticky dynamic IP on the cable WAN I would have to change the rules manually fairly often. The VPN has a lot of server nodes and IPs, and unfortunately even connecting to the same server location (eg NL) can yield multiple subnets (10.100.xxx.xxx, 10.101.xxx.xxx, 10.102.xxx.xxx etc etc) between sessions and as such I’d have to input a fairly huge list of custom rules for something that should be - and usually is - automagic in a firewall app. :o

I’m considering biting the bullet and buying an OEM sub to Kaspersky IS or similar, but I’ve been with Comodo so long and their firewall is always top rated by Matousec so I’d like to figure it out if I can. Thanks again for all your suggestions and help. :slight_smile:

hmmm. My only other thought would be if your access point software would 1) allow you to reserve ip’s to the pc’s and devices which connect to it and 2) allow you to apply network rules to those ip’s similar to that of most router softwares.

The access point would, yes, but that is a single subnet and so not an issue. It’s the remote VPN servers that are the main issue, and as they are (1) an external company and (2) have a HUGE range of IPs it’s not feasible to manually enter their subnets into network zones individually. :frowning:

Never mind I’ve given up. :-\ Kaspersky Internet Security 2014 installed and automatically discovered all three networks and configured them perfectly (public WAN and VPN, trusted local WAP network). I’ll just have to stick with KIS and get used to that I suppose. It’s worth the cash to get something that actually works! Thanks for all your help in the meantime, it’s a shame we couldn’t figure it out.

[attachment deleted by admin]

Well, maybe some other minds will come along with a solution. Thanks for upping the descriptive Q w/pics, the post caught my interest. Though I don’t use this type of set up, I would like to see a similar function in CIS. In my case, I would like to see this type GUI that would allow one to securely manage internal networking (ie workgroups / sharing). Time will tell, Cheers.