Lost satellite connectivity

Help for v2
1

???
Have I opened a can of worms??? I cannot find anything specific to help with my problems, so have had a go myself.

One-way SkyMedia DPT200 sat NIC, Realtek NIC 2 PCs with ICS, sat uses Tellique software with proxy server

We have 2 PCs both with Zone Alarm Pro, but can no longer afford it. Sub for host PC has just run out and read about Comodo so I am trying it out on the Host PC. I could not get access to the satellite or network initially. I don’t know anything about networks, etc., but working from the log I have created a number of Network Connection Rules which seem to work. Is what I have done safe, or have I opened a can of worms? There also seems to be some duplication which maybe could be simplified?

I have received only one Access Denied since setting up the following rules;

The Connection Rules are as follows:
0. ALLOW IP OUT FROM IP [Any] TO IP Zone: [Realtek RTL8139 Family PCI Fast Ethernet NIC #2 - Packet Scheduler Miniport] - 192.168.0.0/192.168.0.255 WHERE IPPROTO IS ANY

  1. ALLOW IP IN FROM IP Zone: [Realtek RTL8139 Family PCI Fast Ethernet NIC #2 - Packet Scheduler Miniport] - 192.168.0.0/192.168.0.255 TO IP [Any] WHERE IPPROTO IS ANY
  2. ALLOW IP OUT FROM IP 192.168.0.1 TO IP 224.0.0.22 WHERE IPPROTO IS IGMP
  3. ALLOW TCP or UDP IN or OUT FROM IP 192.168.0.2 TO IP RANGE:192.168.0.1 - 192.168.0.255 WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS [Any]
  4. ALLOW UDP IN FROM IP RANGE:203.202.140.71 - 203.202.140.72 TO IP RANGE:229.1.0.1 - 230.1.2.255 WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS IN [2513,9201,9202,9203,9205,]
  5. ALLOW UDP IN FROM IP RANGE:204.16.209.0 - 204.16.211.255 TO IP 203.173.210.102 WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS IN [1026,1027,]
  6. ALLOW IP OUT FROM IP Zone:[SkyMedia-200D (sm200DTP) Ethernet Controller - Packet Scheduler Miniport] - 10.10.10.0/10.10.10.255 TO IP RANGE:224.0.0.2 - 224.0.0.22 WHERE IPPROTO IS IGMP

Rules 7 - 12 are I think the original ones listed after Comodo is installed. I haven’t changed these.

The remaining Access Denied log is:
Description: Inbound Policy Violation (Access Denied, IP = 192.168.0.2, Port = bootp(67))
Protocol: UDP Incoming
Source: 192.168.0.2:dhcp(68)
Destination: 255.255.255.255:bootp(67)

The Satellite uses a program called Tellique “C:\Program Files\isat\tc-recv.exe” which acts as a server and uses the browser for logon and monitoring status, (Firefox / IE also have to act as servers)
It puts an icon in the Task Bar - blue when active, red when the dish loses the connection to the satellite, yellow is a problem. I started on yellow - no data would come down from the satellite, but now it is blue.
For security reasons it uses a proxy server - set up localhost:9202 for http and localhost:9203 for socks and PASV mode for FTP transfers.

Satellite requires a rec.ini file to control access to the server.

recv.ini - TelliNet+TelliCast+TelliVision: central Receiver Configuration File

additional files: see license.ini

2-4-2 27-06-2005

[recipient]
user_name=xxxxxxxx
user_key_crypt=xxxxxxxxx

[shell]
login=none

[etcp_parameters]
server_address=203.202.140.71:9201
server_address=203.202.140.72:9201
server_announcement_address=230.1.0.1:2513
authentication=1
use_icon=1

[etcp_compression]
compression_level=6
http_compression=1
port_forwarding_compression=1
socks_tcp_compression=1
socks_udp_compression=1

[http_prefetching]
use_http_prefetching=on
conditional_prefetching=more
http_prefetching_object_size=50000000

XXXXXXXXXXXXXXX POP3 MAIL SERVER XXXXXXXXXXXXXXXXXXXXXXXXXXX

[etcp_port_forwarding]
remote_address=
listen_address=127.0.0.1:111

[etcp_port_forwarding]
remote_address=
listen_address=127.0.0.1:112

Alter the remote address to reflect your own POP3 mail server

[etcp_port_forwarding]
remote_address=
listen_address=192.168.0.1:113

XXXXXXXXXXXXXXX POP3 MAIL SERVER XXXXXXXXXXXXXXXXXXXXXXXXXXX

[internal_tcp]
#not currently used looks like tunnel stuff

#new section
[etcp_connection_control_client]
connect_initial_timeout=5000
#connect_additional_timeout = 10000

=================================================

Please can anyone help - is the Internet connection safe?
Many thanks

2

Hi and welcome at the forums (:HUG)

  1. Please delete those 7 rules. Most of them are ok but probably you won’t be needing them.

  2. Go at Security → Tasks → Wizards → Define a new trusted network and define your trusted zone.

  3. Check again if you have connectivity problems and post back again. :slight_smile:

3

Hi pandlouk,

Thanks for your help.
As instructed, rules deleted, and defined new trusted networks for both Skymedia card and Realtek card. Home network is OK, however, satellite connection won’t work.

Initially Firefox comes up with message that it cannot find the connection to the proxy server.

The Tellique icon which should be blue is yellow, and if speed mode is enabled, the Comodo log goes crazy with Inbound and Outbound policy violations. Firefox shows error:

An outstanding acknowledge pdu was not received in time (probably high udp data loss)
The enhancement client proxy could not communicate with the server proxy.

If you contact your satellite service provider because of this message, please include a copy of your Log File.

Message generated by enhancement client proxy on host cardinal at 2007-03-12 04:18:51 UTC.

The following is the section of the Tellique log generated when speed mode is turned ON. I am currently using speed mode OFF so I can use Firefox

MSG:2007-03-12 04:08:13.925:Program started =============
MSG:2007-03-12 04:08:13.925:Watchdog starting… [2188]
MSG:2007-03-12 04:08:13.925:Watchdog started [2188].
MSG:2007-03-12 04:08:14.106:Starting new child…
MSG:2007-03-12 04:08:14.106:Started new child [2820].
MSG:2007-03-12 04:08:14.766:tc-recv.exe starting… [2820]
MSG:2007-03-12 04:08:14.766:tc-recv.exe version is 2.4.2a (200507061223200) win32-i86pc (Windows XP Professional, Version 5.1.2600, Service Pack 2 on a 1-processor (GenuineIntel, Pentium III (Model 6, Stepping 2)) system)
MSG:2007-03-12 04:08:14.766:Log level is “normal”.
MSG:2007-03-12 04:08:15.267:tc-recv.exe running [2820].
MSG:2007-03-12 04:08:37.449:Connected to ETCP server 203.202.140.72:9201
MSG:2007-03-12 04:09:38.487:Closing association (ip 203.202.140.72): An outstanding acknowledge pdu was not received in time (probably high udp data loss)
MSG:2007-03-12 04:11:56.866:tc-recv.exe shutting down… [2820]
MSG:2007-03-12 04:11:56.936:tc-recv.exe stopped [2820].
MSG:2007-03-12 04:11:56.976:Watchdog child quits properly. Shutting down.
MSG:2007-03-12 04:11:56.976:Watchdog shutting down … [2188]
MSG:2007-03-12 04:11:56.976:Watchdog stopped [2188].
MSG:2007-03-12 04:14:57.896:Program started =============
MSG:2007-03-12 04:14:57.896:Watchdog starting… [2216]
MSG:2007-03-12 04:14:57.896:Watchdog started [2216].
MSG:2007-03-12 04:14:58.347:Starting new child…
MSG:2007-03-12 04:14:58.347:Started new child [4052].
MSG:2007-03-12 04:14:58.817:tc-recv.exe starting… [4052]
MSG:2007-03-12 04:14:58.817:tc-recv.exe version is 2.4.2a (200507061223200) win32-i86pc (Windows XP Professional, Version 5.1.2600, Service Pack 2 on a 1-processor (GenuineIntel, Pentium III (Model 6, Stepping 2)) system)
MSG:2007-03-12 04:14:58.817:Log level is “normal”.
MSG:2007-03-12 04:14:59.388:tc-recv.exe running [4052].
MSG:2007-03-12 04:17:50.815:Connected to ETCP server 203.202.140.71:9201
MSG:2007-03-12 04:18:51.843:Closing association (ip 203.202.140.71): An outstanding acknowledge pdu was not received in time (probably high udp data loss)
MSG:2007-03-12 04:35:46.261:Connected to ETCP server 203.202.140.71:9201
MSG:2007-03-12 04:36:47.279:Closing association (ip 203.202.140.71): An outstanding acknowledge pdu was not received in time (probably high udp data loss)
MSG:2007-03-12 04:36:50.814:Connected to ETCP server 203.202.140.71:9201

Hope this helps with diagnosis.
I tried copying Comodo log, but the 5MB even zipped is over 1MB. Our rural dial up is 28k down and probably 14k up, so without the satellite we are pretty well done for.

Thanks again

4

Hi. Before trying to connect with the sattelite clear all the logs in CFP. Then start a new connection and export the logs in HTML and zip it.

After attach the zip here so we can take a look at it.

ps. after you will have extracted the logs, you can disable the network monitor temporary, for being able to navigate faster, until we resolve the problem.

5

Hi (:WAV)

Thanks,

Have not turned on the other PC so LAN wouldn’t generate any feedback.

Cleared the log, turned on speedmode for satellite which lost the connection to the website, turned it off again.

Here is the zipped log file as requested. Have now turned off the network monitor temporarily.

Good luck.

[attachment deleted by admin]

6

Ok. Probably I found the problem. Please add the following rules
Rule 1
Action = Allow
Protocol = TCP/UDP
Direction = In
Source IP = IP Range = Start IP=203.202.140.71
End IP=203.202.140.72
Destination IP = 230.1.0.1
Source port = Any
Destination port = A set of ports =2513,9205

Rule 2
Action = Allow
Protocol = TCP/UDP
Direction = In
Source IP = IP Range = Start IP=203.202.140.71
End IP=203.202.140.72
Destination IP = 229.1.0.1
Source port = Any
Destination port = A set of ports =2513,9205

7

(V)
Apologies - have been ill - still not fit to continue with saga yet. We did make a lot of progress, but not quite enough and I am using Network Monitoring Off to post this. I think problem is something to do with the volume of ‘pings?’ that travel back and forth from the satellite.

If it is OK with you, I would like to pick this up in a couple of weeks when hopefully I will be able concentrate.

Kindest Regards for all your past help.

8

(R)
Hi,
Problem has resolved itself - Telecom has made Broadband available and the problems have all gone away.
I really was impressed with the help you gave - the onus of not getting it completely resolved rests solely with me, but I have just not been well enough to persevere on the last lap to get it sorted.
The Bordernet Satellite Tellique proxy server is not for the faint-hearted.

Kindest Regards