Corporate Security (Firewall or Virus Scan) conflict

May 2008

Note: This information is provided as a reference and does not imply that Juniper Systems will provide full support for the use of any specific third-party hardware or software with a Juniper Systems product.

 

Description

 

Firewalls, VPNs (Virtual Private Networks), virus scan programs, and other parts of a corporate (enterprise) security system can interfere with ActiveSync (Windows Mobile Device Center) connections. The results may be that your connection drops immediately or that you are unable to explore your mobile device. Another common problem caused by these programs is that ActiveSync/WMDC appears as though it is constantly trying to create a connection (the green circle does not stop spinning).

 

Solution

 

If your Field PC has Windows Mobile 5.0 or higher installed, you can try changing the USB ActiveSync/WMDC drivers from Network (RNDIS) to Serial (PPP) by following these steps:

 

  1. Tap on Start > Settings > Connections > "USB to PC" icon.
  2. Uncheck the "Enable advanced network functionality" checkbox.
  3. Tap OK.
  4. Connect USB.

 

Or more technically, if you are using a common firewall application, installing the latest ActiveSync (version 4.5) or WMDC (version 6.1) should automatically configure your firewall to allow mobile device connections. Though this does not always happen. Download links are listed at the following web page.

 

Downloads for WMDC / ActiveSync

 

If you installed WMDC / ActiveSync before installing a common firewall application, ActiveSync 4.x provides a troubleshooter utility which may resolve the issue following these steps:

 

  1. Open Microsoft ActiveSync on your desktop PC.
  2. Click on the Help menu > Troubleshooter for ActiveSync.
  3. Follow the instructions provided in the "Troubleshooter for ActiveSync" wizard.

 

For information on how to manually configure a firewall application to allow ActiveSync/WMDC connections, please visit the Desktop Firewall Applications section of Microsoft`s website at:

 

http://www.microsoft.com/windowsmobile/help/activesync/default.mspx

 

For a list of TCP/IP ports that ActiveSync/WMDC requires, visit the following website at:

 

http://support.microsoft.com/kb/259369/en-us

 

For additional help, visit the following websites:

 

 

In the worst case (such as if you are using an uncommon firewall application), you will need to manually add the following folders, programs, processes, services, TCP port, and Windows registry key to be allowed by (or to be treated as exceptions to) your firewall:

 

  • C:\Windows\WindowsMobile (for Windows Mobile Device Center)
  • ActiveSync Application (C:\Program Files\Microsoft ActiveSync\WCESMgr.exe)
  • ActiveSync Connection Manager (C:\Program Files\Microsoft ActiveSync\wcescomm.exe)
  • ActiveSync RAPI Manager (C:\Program Files\Microsoft ActiveSync\rapimgr.exe)
  • ActiveSync Service (TCP port 26675)
  • [HKLM\Software\Microsoft\Windows NT\CurrentVersion\SvcHost]
  • Static IP address 192.168.55.101

 

Virus scan programs sometimes come with a mobile device scan feature. Disable this feature while establishing the initial ActiveSync/WMDC connection and partnership. You then may be able to re-enable the feature for later connections.

 

Nov 2017

 

In security, enable for Svchost/WcesComm:

 

Outgoing UDP, remote address 169.254.2.1, remote port 5679

Incoming TCP, remote address 169.254.2.1, local port 990

 

When connecting the handheld, you should find a new IP address on the desktop computer connected to the device, which you can obtain through the command "ipconfig":

 

Ethernet adapter Local Area Connection 9:

 

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 169.254.2.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::8200:60ff:fe0f:e800%13
Default Gateway . . . . . . . . . :

 

The device actually will obtain an IP address as well, which is usually 169.254.2.1. So now, when you want to connect to the Desktop's HttpListener, you would make a HttpWebRequest with the url being http://169.254.2.2:12345 assuming your HttpListener listens on port 12345.

SNOWGAGE

HARVESTMASTER

JUNIPER SYSTEMS

CEDAR PRODUCTS

JUNIPER ASPECT

DIVISIONS

Juniper Systems &

HarvestMaster Main Office
_____

1132 W 1700 N

Logan, UT 84321 U.S.A.

Tel: 435.753.1881

Fax: 435.753.1896

Juniper Systems, EMEA

Main Office
_____

1st Floor

4 The Courtyard

Buntsford Gate, Bromsgrove

B60 3DJ, UK

Tel: +44 (0) 1527 870773

HarvestMaster Europe

Main Office
_____

Bauernstrasse 9, 4600

Wels, Austria

Tel: +43 7242219333

Email: office@harvestmaster.eu

SOCIAL

juniper blog

linkedin

youtube

facebook

twitter

SITE MAP

Copyright © 2017 Juniper Systems Inc. All rights reserved.