For kail re: Activesynch connecting

Hi kail, and in fact, anyone else that could lend a helping hand Continuing with my activesynch problem of being blocked by comodo, I’ve now tested and got the results here.

From 'Port Madness!" thread:

Ok, I rebooted and have done a test with only Activesynch running. When connecting my pda, it shows these 5 logs. I tested it twice and it showed the same logs again.

Log download, only 6kb this time! :

http://homepage.ntlworld.com/merlin.five/activesynch.html

In my screenshots, you can see all the APPLICATION MONITOR active synch rules with the destination 5721. I tried the test a second time, this time setting them all to ‘any’ but it still came up with the same problem.

http://img406.imageshack.us/img406/3923/screenshot358bg7.th.jpg

http://img406.imageshack.us/img406/1862/screenshot359cz5.th.jpg

You can also see 2 screenshots of my NETWORK MONITOR rules with the destination port 5721, and the source port 5679.

http://img105.imageshack.us/img105/2474/screenshot356pv0.th.jpg

http://img406.imageshack.us/img406/6728/screenshot357tv9.th.jpg

Another thing. I noticed these details below. WCESMgr.exe is still not parented with anything yet, it is set to ‘learn parent’. Would that be the problem?

http://img102.imageshack.us/img102/5265/screenshot360kd3.th.jpg

I don’t know which parent I could set manually since as you can see, all the others have different parents.

astu.exe parents with C:\Program Files\Microsoft ActiveSync\wcescomm.exe

rapimgr.exe parents with C:\Windows\system32\svchost.exe

wcescomm.exe parents with C:\Windows\explorer.exe

Sorry for the delay… was sleeping. Must have dreamed about it. ;D The log entries & Network Monitor you posted confirms it.

Your PDA has a LAN IP. Thus it is, in effect, another system on a LAN… you have local network or a Local Area Network (LAN) when you plug the PDA in. You need to add a Trusted Zone that includes your PC (169.254.2.2) and your PDA (169.254.2.1). This should also include your router/modem if it has a LAN IP.

You can do this in CFP on Security - Tasks - Can’t remember the actual wording (using v3)… Add/Define/Create a new Trusted Zone or something like that.

Once you’ve done this you’ll have 2 new rules at the top in the Network Monitor, one for inbound and one for outbound. These rules will allow all communications between the PC & the PDA (based on the LAN IPs). They will also make the other NM rules that you created for AS redundant and the Application Monitor AS rules… mute (they will only impact/restrict the applications themselves).

Or treat it as a single IP rather than a LAN member… egemen is CFPs creator (lead developer).

   [url=https://forums.comodo.com/help/help_2001_stopping_activesync_email_from_working-t241.0.html;msg1540#msg1540]Re: HELP! - 2.0.0.1 Stopping ActiveSync & Email from working[/url]

Edit: I’m not sure CFP 2.0.0.1 had Trusted zones… before my time. Ewen?

Well spotted about the LAN thing, kail. Well, I tried this but it didn’t work and didn’t add anything to my network rules. I added those 2 IPs in the ‘Add/Remove/Modify a Zone section’.

http://homepage.ntlworld.com/merlin.five/ScreenShot361.jpg
http://homepage.ntlworld.com/merlin.five/ScreenShot362.jpg
http://homepage.ntlworld.com/merlin.five/ScreenShot363.jpg

I then tried the ‘Define a New Trusted Application’ section. I added those 3 things where you can see the range numbers in application monitor.

http://homepage.ntlworld.com/merlin.five/ScreenShot364.jpg

Nothing worked. What did I do wrong?

Here’s the log after I added to ‘Define a New Trusted Application’.

http://homepage.ntlworld.com/merlin.five/activesynch2.html
…

edit: Hmm, I was just playing some music in windows media player and this popped up over the player

http://homepage.ntlworld.com/merlin.five/ScreenShot365.jpg

OMG! Delete those Zone Rules immediately. They are dangerous.

That was my instant reaction on looking at the first image, where you were creating the rules. Looked at the NM screen shots, but I cannot see the zone rules anyway (a maximized screen will help). However, forget that… So, open everything for IPs between 169.254.2.1 and 255.255.255.255… also known as the rest of the planet? An awful rule. You do not want everybody with an IP greater than 169.254.2.1 to access to you & your PDA. That needs to say Start Range: 169.254.2.1 and End Range: 169.254.2.255 ( or maybe even… 169.254.2.2… but it would probably break the nbsession I saw).

The last screen shot is expected… allow it remembered. AS does that.

“So, open everything for IPs between 169.254.2.1 and 255.255.255.255… also known as the rest of the planet?” ;D Oops, yep. I’ve changed them now to 169.254.2.255 .

Those screenshots are maximised. Anyway, it still doesn’t allow my pda and the same logs are coming up.

Ooh wait! I just discovered the firewall configuration wizard which detected my windows mobile device. I’ll get back to you in a bit!

Cool. 8)

On speaking to Ewen he suggests 169.254.2.0 - 169.254.2.10 for the rule (the cater for anything else that you might add). Also I made a mistake… it should start at zero (169.254.2.0), not one (169.254.2.1). He’s right. But, let’s hope the wizard resolves it.

It works! (:CLP) I shouldn’t have been adding IP’s to the Add/Remove/Modify a Zone, it was the Define a new Trusted Network in the wizards section that made it work. I added the IP’s there. Now my pda is connecting and synchronising. :BNC

http://homepage.ntlworld.com/merlin.five/ScreenShot366.jpg

I think I may have added one too many. Is there one of these I should remove?
http://homepage.ntlworld.com/merlin.five/ScreenShot367.jpg
http://homepage.ntlworld.com/merlin.five/ScreenShot368.jpg
http://homepage.ntlworld.com/merlin.five/ScreenShot369.jpg

And shall I delete those range rules in application monitor now?
http://homepage.ntlworld.com/merlin.five/ScreenShot364.jpg

Ah yeah, when I first opened the wizard it said 169.254.2.0. But I changed it to ‘1’. Then I went back and did it again and made it ‘2’ because I thought ‘1’ was wrong. Ok, I’ll change the rules to 169.254.2.0 - 169.254.2.10 .

OK, what the wizard has done is to create each host (PC & PDA) an individual trusted zone… that’s genius. That will work since they are all Trusted Zones. You don’t need to delete any of them.

Edit: Note the Starting Ranges the wizard created, one of them starts at 2 (not 0) because it cannot go below that. You shouldn’t alter all of them.

Hey kail, I deleted all my entries and redid it. Hows this looking now?
It’s still connecting and synching by the way. All systems go.

http://homepage.ntlworld.com/merlin.five/ScreenShot370.jpg
http://homepage.ntlworld.com/merlin.five/ScreenShot371.jpg

What should I do with these, kail? Delete?
http://homepage.ntlworld.com/merlin.five/ScreenShot364.jpg

Sweet. That looks good. What does the wizard offer (I’ve never run it & now I can’t)?

You don’t need to delete any of them. Those IPs are wide because each app is allow to also access the Internet… which might be right. Anyway, you can always delete all of them if you wish. CFP will merely prompt (alert pop-up) when the applications are used & create new ones.

Cool, I was just a bit worried that the range of ip numbers 0.0.0.0 to 255.255.255.255 in the application rules might be risky like you mentioned earlier, but I guess it’s only the network rules which are important now.

The wizard offers 2 things. ‘Scan for known applications’ so you can auto create rules ( I haven’t tried that yet), and, ‘Define a new Trusted Network’ which is where I finally created the correct rules. Here’s a screenshot after I click on ‘Define a new Trusted Network’ :

http://homepage.ntlworld.com/merlin.five/ScreenShot372.jpg
After clicking next on that I got that box where I typed the IP ranges. Then I got a box that said “Congratulations! You’ve finished creating your rules”, or something like that.

Hey, many thanks for all your hard work in helping me out, kail. Have a ■■■■ on me.
Have two! :■■■■ :■■■■

Thanks for the wizard details. That sounds very… British… circa 1935. ;D No problem, glad you are up & running.