Zune Boards - View Single Post

navy699 · 03-18-2008, 10:34 AM

Eason,

I don't know the specific workings of your router, but after finding a couple web pages discussing DMZplus, it appears to be more or less like a generic DMZ. The solution below is making some significant assumptions about your setup, but may in fact be your problem.

Think of a network in three parts:

Internet
---------------------------------------------
Router (Provides some firewall functionality)
-------------------------------------------
Local Area Network (LAN)

Usually, when connecting computers (or Zunes) to routers, they connect on the LAN side. By placing your computer in the DMZ, you are telling your router to treat your computer as if it were connected directly to the internet. In other words, it is on the internet side of your router's built-in hardware firewall. So anything connected to the LAN side of your router (except for computers in the DMZ) will have to go through the router's firewall to connect to the internet or the DMZ. More importantly in your case, anything in the DMZ will have to go through your firewall to connect to your LAN. In other words, a computer in the DMZ looks like any other computer on the internet trying to access your LAN (something most routers are designed to limit under typical scenarios).

In simpler terms, your router may be thinking that your computer is trying to hack into your Zune and preventing the connection.

But wait, you ask: Why can your computer sync with your Zune when connected when it is connected by ethernet cable to the router, but not when the computer is connected wirelessly?

Most routers can only place one computer in a DMZ at a time. But how does it know which computer to place in the DMZ? Depending on your router software, the most common methods are selecting the computer by its MAC address or by its IP address. I don't know which method your router uses. Your laptop has both a wired and wireless adapter. Each of these 2 adapters has its own, unique, MAC address. That leads to a few possible cases:

Case 1: When using your wireless connection, your router is placing your computer in the DMZplus based on identifying your computer through the wireless MAC address. As described above, your zune cannot connect to the computer because they are on opposite sides of your router's internal firewall.

Case 2: When plugging your laptop into your router by an ethernet cable, router does not recognize the wired MAC address as the one that goes into the DMZ. Both your computer and your Zune are on the LAN side of the router's internal firewall, so they can communicate freely.

Case 3: Your router places a computer in the DMZ based on its IP address. If this is the case, you need to examine the mechanism your router uses to assign IP addresses. If they are randomly assigned using DHCP, then whatever adapter connecting to your router (wireless laptop, wired laptop, wireless Zune, other?) may wind up in the DMZ. In this case, your results will be unpredictable.

Recommendations:

1. Remove your computer (i.e. the wireless adapter) from the DMZ (thereby placing it on the LAN side of your setup) and try to sync wirelessly with your Zune. This may solve your problem.

2. Examine your router's method for identifying which device goes into the DMZ to ensure that it will not surprise you when it renews DCHP leases.

3. Strongly consider not using the DMZ feature at all. By placing your computer in the DMZ, you forefit any security benefit of owning a router. The only thing keeping your computer from being completely owned by hackers and malware is your Windows firewall and any antivirus programs you have. Not good....

4. If you can enable WPA instead of WEP, you should do so once your get the Zune thing sorted out. Use at least a 20 character WPA password. WPA is like a deadbolt on a steel door, and WEP is like the latch on a screen door. Both can be broken, but one is a lot more secure. Your router sounds like it may be old based on WEP/802.11b. You may want to look for a cheap 802.11g router in the bargain bin if your current one does not support WPA.

Of course, I could have crawled so far out on this limb that I have totally missed the real problem...

-Navy699

03-18-2008, 10:34 AM	#7 (permalink)
navy699 Zewbie Join Date: Feb 2008 Posts: 5 Reputation: 10	Eason, I don't know the specific workings of your router, but after finding a couple web pages discussing DMZplus, it appears to be more or less like a generic DMZ. The solution below is making some significant assumptions about your setup, but may in fact be your problem. Think of a network in three parts: Internet --------------------------------------------- Router (Provides some firewall functionality) ------------------------------------------- Local Area Network (LAN) Usually, when connecting computers (or Zunes) to routers, they connect on the LAN side. By placing your computer in the DMZ, you are telling your router to treat your computer as if it were connected directly to the internet. In other words, it is on the internet side of your router's built-in hardware firewall. So anything connected to the LAN side of your router (except for computers in the DMZ) will have to go through the router's firewall to connect to the internet or the DMZ. More importantly in your case, anything in the DMZ will have to go through your firewall to connect to your LAN. In other words, a computer in the DMZ looks like any other computer on the internet trying to access your LAN (something most routers are designed to limit under typical scenarios). In simpler terms, your router may be thinking that your computer is trying to hack into your Zune and preventing the connection. But wait, you ask: Why can your computer sync with your Zune when connected when it is connected by ethernet cable to the router, but not when the computer is connected wirelessly? Most routers can only place one computer in a DMZ at a time. But how does it know which computer to place in the DMZ? Depending on your router software, the most common methods are selecting the computer by its MAC address or by its IP address. I don't know which method your router uses. Your laptop has both a wired and wireless adapter. Each of these 2 adapters has its own, unique, MAC address. That leads to a few possible cases: Case 1: When using your wireless connection, your router is placing your computer in the DMZplus based on identifying your computer through the wireless MAC address. As described above, your zune cannot connect to the computer because they are on opposite sides of your router's internal firewall. Case 2: When plugging your laptop into your router by an ethernet cable, router does not recognize the wired MAC address as the one that goes into the DMZ. Both your computer and your Zune are on the LAN side of the router's internal firewall, so they can communicate freely. Case 3: Your router places a computer in the DMZ based on its IP address. If this is the case, you need to examine the mechanism your router uses to assign IP addresses. If they are randomly assigned using DHCP, then whatever adapter connecting to your router (wireless laptop, wired laptop, wireless Zune, other?) may wind up in the DMZ. In this case, your results will be unpredictable. Recommendations: 1. Remove your computer (i.e. the wireless adapter) from the DMZ (thereby placing it on the LAN side of your setup) and try to sync wirelessly with your Zune. This may solve your problem. 2. Examine your router's method for identifying which device goes into the DMZ to ensure that it will not surprise you when it renews DCHP leases. 3. Strongly consider not using the DMZ feature at all. By placing your computer in the DMZ, you forefit any security benefit of owning a router. The only thing keeping your computer from being completely owned by hackers and malware is your Windows firewall and any antivirus programs you have. Not good.... 4. If you can enable WPA instead of WEP, you should do so once your get the Zune thing sorted out. Use at least a 20 character WPA password. WPA is like a deadbolt on a steel door, and WEP is like the latch on a screen door. Both can be broken, but one is a lot more secure. Your router sounds like it may be old based on WEP/802.11b. You may want to look for a cheap 802.11g router in the bargain bin if your current one does not support WPA. Of course, I could have crawled so far out on this limb that I have totally missed the real problem... -Navy699 Last edited by navy699 : 03-18-2008 at 10:40 AM. Reason: typo