Internet Connection Sharing - ICS sucks!!!

A

aftermath

Well-Known Member
Joined
Mar 13, 2004
Messages
196
Reaction score
0
Location
.
If you want to share your Sentech Connection on a SOHO LAN and you're not using a router, rather use Winroute Pro from Kerio (www.kerio.com) After messing around with ICS and MTU settings like in previous posts, I got fed up. MTU settings don't work within Windows, and if they do, they only work for a short while.....bottom line.

It's easy to setup, but don't enable NAT on the local interface, only the dial connection, otherwise you can't browse your own network. Also disable ICS if it's enabled. This will also sort out the IPNATHLP errors in the Windows event log. You can then either use the built in DHCP server within Winroute or you can give your machines static IP addresses.

Hope this helps
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote">MTU settings don't work within Windows<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">
Hence my suggestion not to fool arround with them ;)

Winroute is better. Do not waste your time with a proxy (SOCKS or otherwise).

<hr noshade size="1">
"Since light travels faster than sound, people appear bright until you hear them speak."

NetLink Research
 
Just got My Wireless, and been testing various proxies. Been testing one works with Kazaa (socks) and Mirc (socks), so far so good, but still tweaking. And it's cheap. Will let you know how my tests go, and tell you what it's called - as soon as I remember.

Telkom who?
 
kerio winroute pro can be tricky and doesnt have good logging/graphing/filtering features. Rather use Kerio Winroute Firewall. It is a good firewall and decent routing app. Just set up and DHCP server then set up your traffic rules and you are good to go. Its the bigger brother of Winroute Pro. If you need more info or help with it email me off-forum.
 
Hey there, Proxy i'm using is ExProxy from http://www.lavasoftware.net. So far works with all my apps as well.

Telkom who?
 
Try this proxy it is great, they just released the new 2004 version and it has everything. 5 user version is free!!!

http://www.kustek.co.za/602_software.html
 
Ok now I have tried using this 602 proxy but I cant get its NAT working or even its DHCP.

I need to get full unblocked access without an http proxy or any proxy on my LAN pcs. Similar to ICS but not only port 80 etc. I want to open all ports or selected ports that I choose.

If anyone has got this right let me know.

It works beautifully with Kerio Winroute Firewall but that disconnects my ISDN intermittently for some reason (I have told it not to but it still does - randomly) so I cant use it again until I get MyWi. At the moment I use ISDN so I need a sharing solution. ICS blocks ports and slows down stuff like BT for some reason..

I have the same problem with Kerio Winroute Pro. I can only browse http with the http proxy. This is not what I want. I just cant seem to get NAT working with Winroute either..
 
A solutions to getting ICS working:

I've noticed that running ICS on a win2000 machine gives problems that packets that are slightly too large get dropped. This is because win2000 does not reassemble the packets (properly).

Either Run it on WinXP, Linux or OSX or change ALL the machines on your network from the standard MTU of 1500 to something like 1460 (or sometimes slightly higher). This makes little or no difference to your ping and throughput.

To do this on win32 machines you can either mess around in the registry, or you can use tools such as: DRTCP.

Keep in mind you only need to do this on all the client machines' ethernet TCPIP connections.

Also on Mac OS X (10.3) this is simple to do with the ethernet card, but more complex with Airport cards. (you will need to run ifconfig &lt;eth-device-name&gt; mtu &lt;val&gt; on the command line.... which is the same in linux... you will need to do this every time, and thus perhaps put it in an /etc/rc file...)

Take note that you need to at least disable and re-enable the ethernet card under win32 after you have set the MTU (in the registry or using DRTCP)... otherwise this will not work.
 
I just want to enable NAT on all my LAN pcs so that I can say, run Yahoo or bittorrent at full speed with no problems and no firewall crap. I dont wanna open any ports or anything. It should just work. How can I get it to do this? This means also that I should be able to attach a Linux workstation and get fully open internet access as well without any serious networking or samba type (SMB) stuff between Linux and XP. Every PC should receive full internet access. So how can I do it? I'm using XP on all PCs and maybe occasionally Win98 but mostly XP. Not 2k.

No proxies except maybe a transparent proxy. OR a fully open fully authenticated system wide proxy (psuedo-NAT).

Any takers?
 
Hey greedyflyza, I'm not sure, but have you checked your Browser Advanced Settings, like Disconnect Idle Time etc, plus your inactivity times within your ISDN Dial-Up Connections.

You say you're running ISDN, I've converted a lot of my clients from ISDN to ADSL (Before Sentech came along), and there are a couple of 3Com ISDN LAN Modem Gateways around. No more need for Dialup Networking. If you're interested, I can get a price for you depending on if they are willing to part with them (As they are not being used)
 
Well, I only have an internal PCI ISDN TA card. Not gonna help much. If they are cheap - like under 200-300 then it would be a good solution [:D]

Its not those ISDN settings. I have checked and fixed everything. The problem only occurs when I use the software. So sadly, I cant use it. Its probably a micro-bug in the software.
 
I use FreeProxy and it works well for me.
http://www.tucows.saix.co.za/preview/330421.html

It's freeware, and it's about 4mb.

Chow, Nick

Nick Smit
broadband@nicksmit dot za dot net
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by Lailoken</i>
To do this on win32 machines you can either mess around in the registry, or you can use tools such as: DRTCP.

Keep in mind you only need to do this on all the client machines' ethernet TCPIP connections.
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">
Phew .. :/ for some reason my MTU settings just *suddenly* broke again on Win2K - was working, then just stopped working, while I was busy browsing. Same symptoms as before, the ICS clients (with MTU manually set to 1412) worked, but the Win2K ICS server didn't. Apparently this is a bug in Win2K, path mtu discovery etc doesn't always work if ICS is enabled, but NO amount of registry setting changing would fix it. Eventually I tried this DrTCP, and think I discovered the reason: seems there is some *other* MTU setting called "RAS MTU Setting" which seems to be somehow configured differently to the Interface MTUs. Setting the RAS MTU solved the problem (for now .. :/). I wonder if my pains have anything to do with the VMWare network devices.

(BTW I already have a Linux squid proxy, so web was not strictly a problem, but my mail etc was).

Anyway, for now all is working again.
 
If you have a linux squid proxy, why not use linux iptables to do the NAT instead of ICS ?
Then you can also clamp down your MTU and force the packets to the correct MTU size, no changes on client machines needed

--
 
It's an ooold Linux box running RedHat 6 with no USB ports, and I only have the USB cable for the modem at the moment :)
 
Aaargh,

I'm growing old too quickly because of this crap.

I have windows 2k on all the machines on our network @ home, i was first having issues finding a stable connection, but that's been all sorted. My problem is that I installed kerio winroute firewall 5.1.10, *mostly* everything was working. (secure sites, mail, kazaa, soulseek either don't work or run at horribly slow speeds that even a normal 56k dial-up could beat) oddly enough though, netscape download centre downloads files at the expected speeds (+/- 24 kb/s)

Now I can only rely on http to run successfully (not even IRC works properly). I need a solution, or some guidelines on how to setup kerio properly. I run the wizard, setting up all my rules, connections, etc.

But, I'm not an IT techie, So i've been wandering about in the program 'tinkering' with different settings, to no avail. If someone is up for a challenge, please help!

Michael
 
Go to www.kerio.com and get the KWF guides in pdf format. They are quite explanatory.

Furthermore, you need to firstly use the rules wizard to set up NAT etc with all ports open. Try every app you need on the LAN pc while monitoring the packets etc on the firewall PC (Called Firewall in kerio). You will need to enable the packet filter and connection filter for the NAT connection. I have tried the "all open" method with MyWi and it does work. About the speed, well that I can only test when I get my own modem.

Kerio is nice in that you can choose which host or network can be used for in out etc. Its very tweakable and customisable. I'm assuming you want to use non-HTTP stuff otherwise just use the http proxy.

You can email me for more info or more help if required. The above details probably seem too little. [:)]
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X