nmmhelpdesk
asked on
Activesync problems after installing windows firewall
After a recent virus scare we decided to enable windows firewall via a GPO, this is fine for the most part, but since then our directors PDA has not synced with ActiveSync 4.1.
I have added the port exceptions as instructed by microsoft, as follows:
26675:tcp:172.23.0.0/16:en abled:acti vesync1
5678:tcp:172.23.0.0/16:ena bled:activ esync2
5679:tcp:172.23.0.0/16:ena bled:activ esync3
5721:tcp:172.23.0.0/16:ena bled:activ esync4
990:tcp:172.23.0.0/16:enab led:active sync5
999:tcp:172.23.0.0/16:enab led:active sync6
.....and program excpetions as follows:
C:\Program Files\Microsoft ActiveSync\CEAPPNGR.exe:*: enabled:Ac tiveSync
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:e nabled:Act iveSync
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*: enabled:Ac tiveSync
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:e nabled:Act iveSync
Yet it is still not working and the heat is begining to build. I have attached a copy of the Pfirewall.log from the user computer.
Any ideas would be very greatfully received.
pfirewall.log
I have added the port exceptions as instructed by microsoft, as follows:
26675:tcp:172.23.0.0/16:en
5678:tcp:172.23.0.0/16:ena
5679:tcp:172.23.0.0/16:ena
5721:tcp:172.23.0.0/16:ena
990:tcp:172.23.0.0/16:enab
999:tcp:172.23.0.0/16:enab
.....and program excpetions as follows:
C:\Program Files\Microsoft ActiveSync\CEAPPNGR.exe:*:
C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:e
C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:e
Yet it is still not working and the heat is begining to build. I have attached a copy of the Pfirewall.log from the user computer.
Any ideas would be very greatfully received.
pfirewall.log
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I suggest that you have a look here and check what IPs have been allowed to use the ActiveSync.
http://www.pocketpcfaq.com/faqs/activesync/windowsxpsp2firewall.htm
Hope it helps.
http://www.pocketpcfaq.com/faqs/activesync/windowsxpsp2firewall.htm
Hope it helps.
Clarification for future generations reading this thread ;-)
Windows Firewall has it's place, and can be indispensable in some environments. For example, anybody connecting to the Internet using dial-up, public hot-spot, or any other technology that puts a computer onto a shared, non-trusted network should have a firewall running. Not so much to protect against viruses or malware (best defense against these is software specifically designed for the task) -- but to protect against other people who my want to hack into a system for various reasons.
In other environments, however, the firewall adds no value and creates support headaches. An example of this would be in a corporate network. A proper business network already has edge firewalls, already has other network and system security measures in place, and should be restricted to use by "trusted" users. So turning on the Windows firewall is just going to mess with things and make support more difficult.
Windows Firewall has it's place, and can be indispensable in some environments. For example, anybody connecting to the Internet using dial-up, public hot-spot, or any other technology that puts a computer onto a shared, non-trusted network should have a firewall running. Not so much to protect against viruses or malware (best defense against these is software specifically designed for the task) -- but to protect against other people who my want to hack into a system for various reasons.
In other environments, however, the firewall adds no value and creates support headaches. An example of this would be in a corporate network. A proper business network already has edge firewalls, already has other network and system security measures in place, and should be restricted to use by "trusted" users. So turning on the Windows firewall is just going to mess with things and make support more difficult.
Also see this page below.
http://www.microsoft.com/windowsmobile/en-us/help/synchronize/activesync-usb.mspx