Strange Wi-Fi Problem with Trusted Zone [Resolved]

Hi guys,

I wonder if anyone can help a home network noob with a strange situation I have got myself into.

I use a laptop to connect wirelessly to my Buffalo router and my desktop connects wired. Both of us are using the latest 2.4 build of Comodo and I have ran the Home network wizard on both machines and created a ‘trusted zone’ on both machines that covers both IP addresses for the two computers and the Router itself.

The situation I get when file sharing is that we can both ‘see’ each other in the network and can both view items we have placed in our respective ‘Shared Folders’. The issue is that viewing the items is fast, like accessing any normal folder on our own machines, but trying to open a file or program is extremely slow and ‘hangs’ the computer for several minutes before opening.

I did notice that the network traffic arrows in Comodo ‘hang’ when in-going and out-going traffic met each other and wondered if I had something blocked.

On viewing my logs I did see several entries referring to Inbound Policy Violation of the rule regarding to ‘ICMP In’. Being a noob I am not sure what this is and whether I can allow it for the IP addresses in my network, or even how to do it effectively without allowing it for everyone on the internet!

The strange thing is, it worked perfectly when I was running version 2.3 on my machine and the RC5 beta on the laptop. This is what makes me feel I have done something dopey!

Thanks for an excellent product, I have been using from the start, and any help and assistance you can give me will be gratefully received. Thankyou.

(R)

Welcome to the forums, Norman (:WAV)

When you set up the trusted network, it should allow all traffic back and forth between those computers.

Can you post a full-screen screenshot of your Network Monitor rules (both machines), and also the relevant log entries (right-click a log entry, export to html, cut/paste as text into your post) from both machines. Relevant log entries, being related specifically to IPs associated with your trusted network/zone. You can edit/mask out any IP addresses and other personal/sensitive information; just leave enough of the IPs to match where needed.

That should help sort out what’s going on.

LM

Hi Little Mac, and thanks for the warm welcome and reply (:HUG)

I have, hopefully attached screenshots for both the desktop and laptop network rules.

The Laptop Log had the following:

Log Scope:: Today

Date/Time :2007-01-25 01:12:39
Severity :Medium
Reporter :Network Monitor
Description: Outbound Policy Violation (Access Denied, Protocol = IGMP)
Protocol:IGMP Outgoing
Source: 192.168.XX.XX
Destination: 224.0.0.22
Reason: Network Control Rule ID = 7

The Desktop had the following two errors, which I only saw after a reboot!

Log Scope:: Today

Date/Time :2007-01-25 01:25:50
Severity :Medium
Reporter :Network Monitor
Description: Outbound Policy Violation (Access Denied, Protocol = IGMP)
Protocol:IGMP Outgoing
Source: 192.168.XX.XX
Destination: 224.0.0.22
Reason: Network Control Rule ID = 7

Date/Time :2007-01-25 01:21:56
Severity :Medium
Reporter :Network Monitor
Description: Outbound Policy Violation (Access Denied, Protocol = IGMP)
Protocol:IGMP Outgoing
Source: 192.168.XX.XX
Destination: 224.0.0.22
Reason: Network Control Rule ID = 7

It’s really strange as I can, on both machines, access and open programs on each others ‘shared’ folder, but on the desktop in particular there is a definite ‘freezing’ period which had never occurred before. I am sure it is some setting I have altered mistakingly!

Many thanks for your time and effort in solving this for me :SMLR

[attachment deleted by admin]

I don’t see anything wrong with the network rules; you’ve got the defaults, plus the two for your trusted zone. It looks fine.

The three alerts you posted shouldn’t be anything to worry about; it’s IGMP (a multi-casting protocol), frequently used in conjunction with routers, and various windows applications like Messenger, and streaming video.

You can create rules in your network monitor to allow it, to see if that makes any difference. It would like this:

Action: Allow
Protocol: IP
Direction: Out
Source: Any (or your IP address)
Destination: 224.0.0.22
IP Details: IGMP

I have no reason to believe that being blocked would cause a lag, but you never know… My thought would be that it’s some security software (Antivirus, etc) that’s causing the delay. I could very well be wrong, though.

You might also try this: Process Explorer is a free utility from SysInternals. It’s like Task Manager on steroids. If you can download that, open it full-screen in the background, and try to access the shared files (using a small window, so you can see Process Explorer). See if you’re getting any spikes, and if so, from what application.

LM

Thank you Sir (:CLP)

You were spot on with the second part of your analysis. For some strange reason it appears that Avast Anti-Virus was the culprit. I must have one of the settings too high. I didn’t realise it had components like ‘Network Shield’ etc. I think this is what is causing the lag.

I removed it from both the laptop and desktop and now access to files and programs in the shared folders is as if we were on the same computer! It’s a shame because I always hear good things about Avast.

I am sure when CAVS comes out of beta though that will be my program of choice (:WIN)

Thanks for your time on this issue and all the best! :■■■■

Well, good to know, and glad I could help!

Typically those AVs with “net” or “web” shielding kind of act like a proxy server in that respect, to “filter” the access to make sure it’s safe. This is similar to what they do with scanning emails. In some cases this really bogs down some aspects of internet access, browsing, etc.

As a general rule, I don’t run that aspect of an AV, or Antispyware, either. They just use too many resources, and always (to me) seem to get in the way.

You don’t need to remove Avast! in general; just disable the webshield. Which may be what you have done; just you said you removed it, so I wasn’t sure if you meant the webshield, or the whole AV program. ;D

Melih mentioned recently that CAVS final release is extended another week at this point, and that it’s looking a lot better every day. I’m looking forward to it!

If everything’s good to go for you on this issue, would you please Edit/Modify your original post in this topic, and add “[Resolved]” to the subject line, before or after your original text, so other users will know there’s a potential solution waiting…

If it’s not resolved, then by all means let me know!

LM

All is fine thank you ! Post modified :BNC

Thank you for the info regarding how these email scanners and network shields work in AVS as well, it is appreciated!

Thanks also for the update on CAVS as well, I will be watching with interest!

Norman