I’m using Netgear’s StorageCentral101 as a SAN device and for some reason CF3 will not allow Z-SANService.exe (Vista version) (:SAD) to connect to my shared folder on the SC101 device. It just hangs, I gave full access to Z-SanService.exe, SCM.exe and Zscan.exe, and nothing seems to work. Disabling Defense + and the firewall doesn’t make a difference. Only solution so far is to uninstall CF3.
Anyone get CF3 working with their NetGear’s SC101 SAN device?
I just installed Comodo Firewall Pro v3 last night and immediately lost connection with my SC101. I spent hours trying to find a workaround, but to no avail. Even completely disabling Comodo wasn’t enough to restore the connection; I had to uninstall it entirely. My SC101 popped right back up. Unfortunate, since Comodo seems like an excellent firewall solution. But until I can determine the workaround for my SC101, I can’t use it.
I have no experience of the Netgear but I do know that you must configure the firewall to allow UDP data through port 20001 for it to work. I think you might have to create a global rule allowing UDP through this port in order to get it to work.
:SMLR
I deduced through checking the port traffic that the SC101 was attempting to use port 20001, so I tried adding that to the “My Port Sets” page, but maybe that wasn’t the correct way to do it. Is there another way to specify UDP 20001 as an allowed port?
I think you need to go to global rules in network security policy and add a new allow rule allowing UDP for this port. If you have source and destination addresses from your logs you could use these in the rule. Once created click on all the apply buttons until the list is all that is left and then make sure the new rule is above any block rules in the list before clicking on apply for the last time.
I think this is the only way to do this but perhaps someone more knowledgeable might add more.
:SMLR
Hi, I believe this issue is related to the (new) 3.0.14.276 version.
I have been using a Netgear SC101 device with CFP for some time, firstly with V2, now with 3.0.13.268. I have found it necessary in the Attack Detection Settings to disable the Do Protocol Analysis setting (in both V2 & V3) for the SC101 to work.
When I upgraded to 3.0.14.276 I could not access the SC101 regardless. I tried various settings (including below). The View Active Connections shows traffic between the PC and the SC101 but the drive is not visible in My Computer. It can be accessed by the NETGEAR Storage Central Manager Utility. Setting CFP to Disabled (both Firewall and Defence+) makes no difference.
Either some new setting is required or there is an issue with this version.
I have gone back to 3.0.13.268 until this issue is resolved.
BTW: I believe that this software driver for the SC101 is a very poor solution by Netgear. Why didn’t they include SMB, FTP, etc support inside of the SC101 box? While I have been quite happy with my SC101, I would not recommend it for this reason.
I also have a netgear sc101 that quit working after instaling CF3. This is the fix I came up with, but I haven,t tried it on Vista yet, just XP.
I unchecked “Block Fragmented IP Datagrams” (The SC101 apprently uses fragmented IP datagrams.) after it worked and I rechecked it I could not see the drives.
I found that “Do Protocol analysis” can be checked or unchecked, and it makes no diferance. (I found it unchecked, but left it checked)
Everything worked ok, but I wanted to make sure so I set Network Defense to Custom Policy Mode.
I set the Proactive Defense to Paronoid. I turned the firewall off and restarted it, everything still worked fine. BTW when you use these settings it even warns you about copy and paste operations.
I then rebooted, and the SC101 conected. Everything else checked out as well.
Port 20001 is the reciving port for the SC101, I didn’t have to change any port settings to make it work.“Open 20001 tcp&udp”-per netgear forum moderators. None of the conections that I saw were on port 20001, but all went to port 20001 on the SC101.
I haven’t had the firewall installed for a full day yet so I’m not totaly sure that this is the best solution.
Kent
It’s not just the SC101, but a lot of NAS devices use fragmented packets. Apple gear also does this.
Ewen 