
              PopNote Tips and Fixes
      Copyright 2007 by G.Mike Raymond, K5HUM
              Last Updated 07/11/07

PROBLEM:

Most all problems with PopNote have to do with Firewall 
blocks and or not having Administrator rights on the PC 
you operate.  The typical firewall scenario using 
PopNote is: you can send out a popnote but you get no 
echo from the remote and the remote is unable to send 
to you.  Of course this assumes the remote is online 
and running PopNote at the time, which in my case 
should be true.

*If your problem is PopNote failing to upgrade go to the 
bottom of this article.


QUIK TEST:

Use the LocalHost address of "127.0.0.1" (it should be 
an entry in the address window) to see if PopNote will 
talk to itself (local loopback) before proceeding.


SOLUTIONS:

PopNote requires that UDP ports 54538 and 54539 pass 
traffic in both directions in order to signal 
correctly. In most cases, firewall blocks to incoming 
packet traffic cause problems with PopNote. Incoming 
blocks can start with the Modem (especially the newer 
DSL types like the Westels), then the Router (if one is 
used) and finally the PC itself. 

Since modem and router setup menu configurations vary 
widely, it is not possible for me to cover the "how to" 
setup of every device out there. However, here are the 
basics you need to know.

Many digital cable modems especially the newer DSL 
modems have internal firewalls that block almost all 
incoming traffic other than the web and email server 
ports. They are typically "on" by default. Disable the 
internal firewall by using its internal setup 
configuration menu. Access to the internal setup 
configuration menu of most all Modems (and Routers) is 
through your Browser using a special (non routeable) IP 
address that accesses a mini web server built into the 
device.  You should set either DMZ or IP Passthrough to 
enabled. In many cases you can access the devices 
configuration menu using your Web Browser and the 
address 192.168.1.1 or 192.168.1.254  If either of 
these IPs do not work, look for the device's setup IP 
address in its user manual.

If you are using XP, (any version) I highly recommend 
you disable XP's built in firewall so you can have more 
precise control over your system using a better 
software firewall as described farther down this 
article. There are many ways to reach the required 
disable menu. One way is vi the Start Button /Settings
/NetWork Connections /Local Area Connections /Properties
then high-light the Tcp IP Protocol and /Advanced
button.  Then disable it.

I recommend ZoneAlarm as a software firewall.  First 
because it works well, and second because Zone offers a 
free version, third because Zone can check a change in 
a files crc signature which most hardware firewalls do 
not do. Finally, with todays powerful computers, a PC 
hardly knows a software firewall is running in the 
background. There are other good software firewalls but 
I can recommend ZA with 7 years of confidence acquired 
in using it.

If you use ZoneAlarm, you MUST set Zone's Internet 
security to "Medium", not High.  Leaving the default 
setting on High will block many Ports in a useless 
Stealth mode and give little or no extra protection. 
Any hacker worth his salt will laugh at any ports in 
stealth mode. Without stealth you are still protected 
if the software you are using on any particular port is 
properly written and has no secret back doors.  It is 
up to you to KNOW what client server software you are 
using. 

If you have a router between your modem and PC, I 
recommend that you DMZ the node your PC connects to on 
the router. A good software firewall on your PC makes 
it redundant and overly complicated to also use the 
routers NAT as a firewall.  DMZ eliminates a lot of 
nuisance port forwarding or triggering tasks for all 
the client server software you use.  Thus keeping your 
operational pain to a minimum.  

If using a Router between your modem and PC its best to 
define a fixed (*non route-able) IP for your PC's NIC (one 
thats within the IP range dictated by your router). 
This eliminates problems on a home LAN with more than 
one PC connected, should one power down, then reboot and 
grab a different IP vi the routers DHCP server. This is 
because in most cases you have to define the IP you 
will DMZ.

note: If NOT using a router, just a digital modem 
connected directly to your PC's NIC, your WAN 
(Internet) IP will be the same as your PC's IP address.

Here are the steps I take when solving firewall blocks 
on my family and friends PC's. First temporarily 
disable the Windows Firewall (assuming its XP).  Does 
PopNote work? If so, the block was there (if SP1, leave 
disabled and get a better configurable software 
firewall - if SP2 configure it to pass PopNote), if 
not, leave it disabled then temporarily disable any 
software firewall. Does PopNote work? If so, the block 
was there, (so approve PopNote through that firewall) 
if not leave it disabled then temporarily DMZ your LAN 
node on your router.  Does PopNote work? If so, the 
block was there (so port forward UDP/TCP on 54538 and 
54539), if not leave it in DMZ mode then "IP Forward" 
your DSL modem. By now, PopNote should be working. In 
some cases more than one area could be blocking. So, re 
enable the non offending areas and port forward as 
required. 


NIC RESET and DIAGNOSTIC TEST: 

From a command window type "IPCONFIG /RELEASE". When 
the prompt returns, type "IPCONFIG /RENEW" and make 
sure you see no error messages. This step make take up 
to 30 seconds before your prompt returns.  Next, type 
"IPCONFIG /ALL" to see if your NIC acquired a non 
routable IP from your router. Again, if you have no 
router, your PC's NIC IP will be your WAN IP.

How I operate.  I completey disable the built in 
firewalls in my Modem, Router and OS.  I run ZoneAlarm 
on all my machines, including my 24/7 web server. I 
NEVER have any problems with ports, Zone takes care of 
everything.  Now, I realize my advice works great for 
me only because all my machines are in a secure home 
environment.

I also run PopNote on each PC on my LAN.  Each of the 
other Node's must be properly port forwarded to 
communicate over the outside Internet, but only the 
active PC (the one I wish to run PopNote from at the 
moment) can have this Forwarding "Enabled" within the 
Router.  This is usually nothing more than adding or 
removing a check mark in the routers appropriate setup 
menu. For convenience I have a bookmark on my Browser
for my Routers IP address.

Routers can cause big headaches, especially the poorly 
designed ones that are unstable and or frequently lose 
their eprom cmos settings.  I can recommend with 
confidence, the LinkSys WRT54G (about $50) built by 
Cisco Systems - the same company that builds backbone 
routers for the Internet. Most all Wallmart stores 
carry them, so access and availability is good nation 
wide.

For additional help on how to setup home LANs, read:
HTTP://ARC.TZO.COM/HAM/NETWORK.TXT 

For help setting or understanding Port Forwarding on
various routers, visit: http://www.portforward.com

For operational tips on running PopNote, read the
FAQ under PopNote's HELP menu.

*Non Routable IP's are addresses that are blocked by 
outside Internet backbones (routers) and thus cannot be 
used to pass traffic across the Internet. In theory, 
because routable IP's are unique world wide addresses, 
there are never two identical WAN IP's at the same 
time.  Not so with LAN or non routable IP's.  Jim, Joe 
and Frank can all be using a non routable IP of 
192.168.1.100 on their home LANs without conflicts. 

If you are wondering how your WAN IP can be (example) 
68.114.113.168 and your PC's IP be something like 
192.168.1.100, and incoming packets be addressed to 
68.114.113.168 yet reach 192.168.1.100 its because your 
router contains a NAT or Network Address Translator 
that determines which PC on a LAN to direct incoming 
traffic from the Internet. Generally it does this by 
examining the "port" portion of the address carried on 
an incoming packets datagram. This is why, generally, 
no two PC's can have client software actively listening 
(acting like a server) on the same port.

Should you still be unable to solve your router 
problems here is a list of common Router Manufacturer's 
Technical Support contact information.

Manufacturer	Homepage	                     Technical Support
Linksys	        http://www.linksys.com/support	     1-800-326-7114
Netgear	        http://kbserver.netgear.com/main.asp 1-888-NETGEAR
 	 	                                     1-888-638-4327
 	 	                                     1-800-211-2069
D-Link	        http://support.dlink.com	     1-877-453-5465
SMC	        http://www.smc.com/index.cfm	     1-800-762-4968
Apple Airport	http://www.apple.com/support/airport 1-800-275-2273
Belkin	        http://www.belkin.com/support	     1-800-223-5544
Buffalo	        http://www.buffalotech.com	     1-866-752-6210
Microsoft	http://support.microsoft.com/msbn    1-800-936-3900
US Robotics	http://www.usr.com/support	     1-888-216-2850
Dell	        http://www.dell.com     	     1-866-930-3355

                     -[30]-