PDA

View Full Version : Win7 firewall and server / duet



BJW
2012-11-22, 19:07
Hi all,

First post and its b/c I need a guide for dummies.

I have win7 64bit, and a duet with the latest 7.7.3 nightly as of this posting. I have had the duet for years, but it always seems to have issues. Lately, the duet has had trouble finding my server and connecting to it. I did some investigating and troubleshooting, and it seems the win7 firewall is at fault. If i completely disable the "private network" portion of the win7 firewall, server finds the duet. (sometimes i have to log off/log on, but one way or another, if this part of the firewall is off, it all works, and if its on, its MIA). For whatever reason, when LMS install itself, it does not give win7 good "rules" for the firewall. This is upsetting.

I tried following the advice here http://forums.slimdevices.com/showthread.php?86162-quot-No-Squeezebox-Server-Found-quot-after-W7-SP1-update&p=618826#post618826 but I got nowhere. I have deleted all the server related firewall rules, but the rules I am making just don't work.

If someone would be so kind as to give a truly step by painful step guide for the dumbest of dummies, that would be wonderful. I need something that gives me no benefit of intelligence at all. Thanks in advance!

BJW
2012-11-22, 19:10
I should clarify that in my firewall, "Domain Profile" and "Private Profile" are off, and "Public Profile" is on. Thats the "working" configuration.

w3wilkes
2012-11-23, 00:54
There's a pretty good step by step walk through further down in the thread you referenced. Check post #22 in that thread and see if it helps.

BJW
2012-11-25, 02:19
Hi and thanks for that reply. I did see that, and this is by no means a knock on that post or poster, but a comment on my lack of skills. In other words, I tried that and got nowhere. I know I must be doing something stupid, but I can't figure out the error. Thats why I am requesting the painful step by step that verbosely describes exactly how and what to click and do.

I would be very appreciative if someone would do so, because right now I am having to leave the private firewall portion disabled. Thats ok for now, but I don't want that to become my new normal. :)

Thanks.

w3wilkes
2012-11-25, 12:15
Let's try taking the KIS approach first. A question... Is this a desktop type PC that never goes anywhere? If so it may help things if you run it with a static IP on your network. This will simplify some things like answering the question of "what IP do I use to access the SqueezeServer UI from another device on my network?".

Now to try the simple way. Uninstall your SqueezeServer (Slimserver or LMS depending which "name of the week" we're on) and also delete the Squeezebox directory in C:\ProgramData.

Go into your firewall and set Domain and private back to normal (On, block inbound and allow outbound). Delete all Squeezebox inbound and outbound rules.

Now install your chosen SqueezeServer. I think you will get a security prompt asking if you want to allow the program to communcate over the network. Just say Yes. This should create the correct required firewall rules. Squeeze will need to do a full scan of your library too.

You may or may not need to do a factory reset on the Duet controller and receiver to get them reconnected.

BJW
2014-03-22, 22:50
hi,

I finally tried something, but no luck.

I had a 7.7.3 install that didn't work as I described above. I then turned back on the firewall and installed the Mar 21 7.8 nightly on top. it did not fix the issue. I turned off the private network half of the firewall and all was well again.

I am reluctant to fully uninstall and delete everything and try a fresh 7.8 install b/c I would have to setup everything from scratch. it seems to me that this is instead a bug and that server should be fixed so that when upgrade installs are done, it checks the firewall rules to make sure the right ones are there, and the wrong ones removed.

how can I fix the current install by manually correcting the firewall rules?

toby10
2014-03-23, 02:51
Add "squeeze.exe" into the firewall exceptions for starters.

BJW
2014-03-23, 15:30
Add "squeeze.exe" into the firewall exceptions for starters.

done, as squeezesvr.exe, but it did not help.

w3wilkes
2014-03-23, 22:26
Don't know if this will help, but this thread may be of interest. A while back we had a problem with the win7 firewall and this thread might be what you're looking for.
http://forums.slimdevices.com/showthread.php?87209-Windows-7-Firewall-blocking-SBS-(7-5-4)
edit: never mind, I see this was pretty much looked at in the beginning.

BJW
2014-03-25, 13:54
I would really appreciate it if someone who has win7 and the firewall fully "on" would post the actual firewall rules / exceptions as pertains to the server that allow the thing to work.

I could try to reproduce and see if it fixes my issue. whatever the problem is, I am sure that it revolves around the fact that when the firewall is on, the hardware can't reach the server.

garym
2014-03-25, 14:08
I would really appreciate it if someone who has win7 and the firewall fully "on" would post the actual firewall rules / exceptions as pertains to the server that allow the thing to work.

I could try to reproduce and see if it fixes my issue. whatever the problem is, I am sure that it revolves around the fact that when the firewall is on, the hardware can't reach the server.

Hmmm. I know there are reports of problems with firewalls and settings but I've never seen them. I have win7pro and have firewall "on" for domain profile, private profile, and public profile. I have run 7.6.x on the win7 machines and all versions since (currently on 7.8). I have win7 on 3 different machines all with LMS and various players (including Duet in the past), and I've never had to change any settings (other than turning ON windows firewall) in any of these machines in order for all to work.

I wonder if there are differences in firewall settings across different versions of Win7?

w3wilkes
2014-03-25, 22:20
Just FYI, I thought the thread I linked to had all my settings for the firewall being on in Win7. These rules also are the same on my WHS2011 server which is basically Server 2008 which is really much the same code as Win7. What AV software do you use, that can also get in the way. There's been a couple of times that Avast has messed things up.

mherger
2014-03-25, 23:01
Did you check this with regards to the ports?

http://wiki.slimdevices.com/index.php/Windows_Installation_Guide#Note:

--

Michael

Mnyb
2014-03-26, 22:17
Also was it while since using win for this but does not safety setting disable UDP broadcast ? This would be bad .

Port number: 3483 (TCP)
Port number: 3483 (UDP)
Port Number: 9000 (TCP) have a check in the web-UI if this is what you install uses ( it usually is ) can in rare cases be 9001,9002 if some other app occupies the port on your PC .

No other security app besides MSE ( Microsoft ) like McAffe or Norton or avast etc .

Use only one firewall .

I think the Microsoft one is the only one LMS try to auto configure during install , for obvious reasons it can't with the other 1000's of similar security apps...

BJW
2014-03-28, 23:10
ok, first, thx all for the help.

I just tried adding these three rules manually to the inbound rules section for public, private, and domain:

Port number: 3483 (TCP)
Port number: 3483 (UDP)
Port Number: 9000 (TCP)

do I need them in outbound rules or anywhere else?

I then turned back on the private firewall and everything SEEMS to be working. hooray! (buzzkill: I have not tried rebooting or power cycling anything yet, but this is an improvement, as before just turning on the firewall without the entries would seemingly instantly sever the connection)

oddly, there were lots of entries in the rules for the LMS exe apps it seems, but I guess they weren't enough?

SO, I am suggesting it is a bug, in that why aren't these three rules written if they are missing? for instance, I just went from 7.7.3 to 7.8 and the rules weren't added. why not?

Mnyb
2014-03-28, 23:26
Outbound to for all three of the rules.

BJW
2014-03-29, 00:31
Outbound to for all three of the rules.

are u sure? b/c I don't see any Logitech/server entries of any kind in outbound rules.

Mnyb
2014-03-29, 00:33
are u sure? b/c I don't see any Logitech/server entries of any kind in outbound rules.

3483 is a broadcast it announces the server to any player at the same network so it automatically finds servers ( LMS )
For example .

w3wilkes
2014-03-29, 15:43
I've never had to do any outbound rules, only inbound.

Mnyb
2014-03-29, 21:18
I've never had to do any outbound rules, only inbound.

Maybe the basic setting is to just allow all outbound and only controll inbound .

My firewall is setup like that no outbound controll .