MS Active Sync connection problem with MDA/PDA [Resolved]

I’ve a problem connecting my MDA/PDA with my laptop. I’m running XP Pro SP2 with latest updates and CPF v2.3.6.81. I connect my MDA with USB. When I connect it, I get two messages. One to give it an IP, and another message (which I don’t remember). I choose allow, but then my MS Active Sync can’t connect with my MDA. This problem only occurs if I have the firewall settings at custom (default settings, so no other rules). If I use allow all, it’s working perfectly. How to solve this problem?

Welcome to the forum.
Can you see any blocks in the log? (activity/logs)

Here are the messages from CPF, the error from MS Active Sync, and the blocks I get. Hope you can help me :slight_smile:

[attachment deleted by admin]

The svchost, services you should allow and remember.

You did also get ICMP blocked, so you could try to allow that and see if it helps.

Go to Network monitor (security/network monitor).
Right click on one of the default ICMP rules and add/add after.
Do these settings.

Action : Allow
Protocol : ICMP
Direction : In
Source IP : Any
Destination IP : Any
IP Details : Port unreachable

Always remember to place your allow rules you make, above the default block rule.
Network monitor reads the rules from the top to the bottom.

There was a block for FTP?
Start to do these suggestions first, and then if it doesn't work, right click in the log and export as html and copy n paste the log here.

Do you have a router? Have you made a trusted zone?

Hello,

I did what you suggested but it isn't working. I didn't have an FTP block. Yes, I am behind a router, but that has nothing to do with the PDA I am trying to connect with my laptop with USB, right?

And here is my log as requested :slight_smile:

Thank you for your kind help 8)

[attachment deleted by admin]

If you have to give your PDA an IP it can have to do with the trusted zone.
You just have to answer yes or no…

There are mainly three things that get blocked.
IGMP which is multicast (streaming audio/video)
If you use it, you can make a rule for it.

There are also 2 ports that are getting blocked.
You should try to create a network monitor rule to allow them just to see if it works.
Go to Network monitor (security/network monitor).
Right click on your top rule and add/add after.
Do these settings.

Action : Allow
Protocol : TCP
Direction : In
Source IP : 169.254.2.1
Destination IP : 169.254.2.2
Source Port : Any
Destination Port : A set of ports: 990,5721

If it doesn’t seem to work, restart CF or reboot your PC.

Hello,

I don't have a trusted zone for my PDA :slight_smile:

I did as you suggested, but the port still gets blocked… I get this message in my logs:

Date/Time :2006-12-05 21:22:16
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 169.254.2.2, Port = 999)
Protocol: TCP Incoming
Source: 169.254.2.1:1041
Destination: 169.254.2.2:999
TCP Flags: SYN
Reason: Network Control Rule ID = 8
In the attackers’ world, this port is usually used by Trojan.DeepThroat(999)

Date/Time :2006-12-05 21:22:11
Severity :Medium
Reporter :Network Monitor
Description: Inbound Policy Violation (Access Denied, IP = 169.254.2.2, Port = 5678)
Protocol: TCP Incoming
Source: 169.254.2.1:1043
Destination: 169.254.2.2:5678
TCP Flags: SYN
Reason: Network Control Rule ID = 8

Any idea? I restarted my computer and my firewall already :slight_smile: I am not sure what I should do with port 999… let me know :slight_smile:

thanks

Here are the ports that ActiveSync needs to communicate. This is straight from the MS Knowledgebase. Here is the page.

http://support.microsoft.com/kb/q259369/#appliesto

ActiveSync 4.x requires the following Winsock Transmission Control Protocols (TCP) to be available:
• 990 (RAPI)
• 999 (Status)
• 5721 (DTPT)
• 5678 (Legacy Replication)
• 5679 (Handshake & Legacy Replication)
• 26675 (Airsync)

If socket port filtering occurs on any of these Winsock ports, ActiveSync does not synchronize with Microsoft Windows mobile devices.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Just to see if you can get it working make a rule at the top of the Network Monitor list of rules like this:

Allow-check the checkbox next to this window
TCP
IN
Source IP: any
Dest. IP: any
Source Port: any
Dest. Ports: Choose “A set of ports” and enter these port numbers: 990,999,5721,5678,5679,26675 (separate the numbers with a comma only)

You can right-click the firewall icon down on the right and select “Allow All” then wait for a few seconds and do the same thing and select “Custom” again. This will reset the firewall rules without having to restart the computer.

Try to sync it again to see if you get any log entries to show up.

jasper
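An added example, not part of any post in this thread: a small Python script that reads Network Monitor log entries in the format quoted above and compares the blocked destination ports with the ActiveSync port list and with the ports an allow rule already covers. The function names and the blank-line separation between entries are assumptions made for the example.

```python
import re

# Ports ActiveSync 4.x needs, as listed in the post above.
ACTIVESYNC_PORTS = {990: "RAPI", 999: "Status", 5721: "DTPT",
                    5678: "Legacy Replication",
                    5679: "Handshake & Legacy Replication", 26675: "Airsync"}

# Constructed sample: the two entries quoted in the thread, trimmed to the
# fields this script reads. The second entry keeps Source and Destination on
# one line, which the parser also accepts.
SAMPLE_LOG = """\
Description: Inbound Policy Violation (Access Denied, IP = 169.254.2.2, Port = 999)
Protocol: TCP Incoming
Source: 169.254.2.1:1041
Destination: 169.254.2.2:999

Description: Inbound Policy Violation (Access Denied, IP = 169.254.2.2, Port = 5678)
Protocol: TCP Incoming
Source: 169.254.2.1:1043 Destination: 169.254.2.2:5678
"""

ENDPOINT = re.compile(r"(Source|Destination):\s*(\d+(?:\.\d+){3}):(\d+)")

def blocked_flows(log_text):
    """Return (src_ip, dst_ip, dst_port) for every denied inbound TCP entry."""
    flows = []
    for entry in re.split(r"\n\s*\n", log_text.strip()):
        if "Access Denied" not in entry or "TCP Incoming" not in entry:
            continue
        ends = {kind: (ip, int(port)) for kind, ip, port in ENDPOINT.findall(entry)}
        if {"Source", "Destination"} <= ends.keys():
            flows.append((ends["Source"][0], *ends["Destination"]))
    return flows

def audit(log_text, allowed_ports):
    """Sort blocked destination ports into three buckets."""
    result = {"missing": [], "shadowed": [], "unrelated": []}
    for _src, _dst, port in blocked_flows(log_text):
        if port in allowed_ports:
            bucket = "shadowed"    # allowed yet blocked: check rule order and IP scope
        elif port in ACTIVESYNC_PORTS:
            bucket = "missing"     # ActiveSync port absent from the allow rule
        else:
            bucket = "unrelated"   # not an ActiveSync port: leave it blocked
        if port not in result[bucket]:
            result[bucket].append(port)
    return {name: sorted(ports) for name, ports in result.items()}

if __name__ == "__main__":
    # The first allow rule tried in the thread covered only 990 and 5721.
    print(audit(SAMPLE_LOG, allowed_ports={990, 5721}))
```

A port reported as "shadowed" is already in the allow rule, so the rule's position relative to the default block rule and its source/destination IPs are the things to check.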

Thanks jasper :slight_smile: it's working fine :slight_smile:

I have marked this topic as resolved :slight_smile: