Note This document is based on the original spoken Support WebCast transcript. It has been edited for clarity.

Curtis Koenig: Good morning, everyone. As we've already mentioned, today's presentation is going to be on Home Networking and Internet Connection Sharing in Microsoft^® Windows^® XP. Basically, this is going to be a broad overview from a high level, so that beginners can begin to begin to understand what they'll need to do to share an Internet connection in their home network.

We'll look at some of the technologies that are used in Home Networking, and we're also going to discuss how you can set up this sort of networking using Microsoft Windows XP. We're going to talk about what Internet Connection Sharing is (slide 3), what equipment you're going to need to do it, how long it takes to set up, some common issues you might run into, and basic troubleshooting that you can do on your own, before you call for support.

First off, what is Internet Connection Sharing (slide 4)? Internet Connection Sharing was introduced in Windows 98, and it allows an Internet connection on one computer to be shared with many computers by creating a home network. The nice thing about Internet Connection Sharing is that it also adds a level of security to your home network, because we use a hidden IP number that isn't broadcast across the Internet, which means that people cannot see the actual IP number of the computer accessing the Internet. The benefit of it is that you have a lower cost. You only need to pay for one Internet connection for say two or four home computers. As I mentioned already, you get an extra level of security, which Internet Connection Sharing is implementing.

The equipment that's needed (slide 5) is relatively simple to get and can be purchased at any local store in your area. Basically, you'll need an Internet connection, either a phone modem, DSL modem, or cable modem. Pretty much any type of Internet connection can be shared. Then, you'll need network interface cards. Network interface cards are relatively inexpensive, and you'll need at least one for every computer that's going to be on your home network. You'll also need a network hub. The hub is designed so that one computer that is acting as the host can then connect to all the other computers. Wireless connections can also be used for Internet Connection Sharing. In those instances, you may or may not need a hub, depending on the type of wireless connection you're using.

It doesn't take very long to set up at all (slide 6). The thing that really determines how long it takes to set up is how large your network is. Essentially, you have to set up the Internet Connection Sharing host first. Then, you set up all the clients that are going to be part of that network. So how many clients you have will determine how long it takes.

It also depends on what type of network you have, if you have a wired or a wireless network. Wired networks are relatively easy to set up and are pretty common. Wireless networks are a little newer and a little less common, and they can sometimes take a little longer, depending on the kind of hardware you have and what kind of wireless networking you're using. There are several standards of wireless networking.

It also depends on your level of comfort with installing the hardware. Some computers come with network interface cards and some don't. So you may have to open your computer and install the card. If you're not comfortable with doing that, you may have to take your computer to a repair shop or upgrade location where they can do that for you. That can add time to how long it takes to set up the network.

The other thing that adds time is the type of operating system. Windows XP is very easy to set up, and so are the other Windows variants — Windows Millennium Edition, Windows 98, and Windows 95 — but you can also have other types of computers on your network, and they can add complexity to the network setup.

Setting up Internet Connection Sharing is relatively easy in Windows XP (slide 7). There's a built-in wizard called the Network Setup Wizard. You can get to that by clicking on the Start button, pointing to All Programs, pointing to Accessories, pointing to Communications, and clicking Network and Internet Connections. It's a very easy wizard to understand, and it has some drawings for how your network may be set up, because you can have an Internet gateway device, such as a cable DSL router, which are common with some ISPs today, or you could just have your computer that's acting as the host to share the connection. There are several questions that the wizard will ask and that you will then answer. It will then set up your network appropriately.

You can also set the connection up manually in Windows XP. Look in Control Panel, click on Network and Internet Connections, and then choose the connection you want to share. Right-click on it and choose Properties, and then go to the Advanced tab.

I generally recommend that you use the wizard first, because it will set all settings automatically and appropriately for you, without you having to understand networking in detail.

The common issues (slide 8) you're going to run into are incorrect use of the wizard — if you select the wrong choice, if you think you have a certain type of network, and you really don't; third-party firewalls, and firewalls are products that are meant to protect your computer; Point-to-Point Protocol over Ethernet, which is a special type of protocol that is used by some DSL and cable Internet service providers (ISPs) to allow access to the network that requires a password and a user name. Sometimes the software they use to do this is incompatible with Internet Connection Sharing. There are also some issues you may run into with applications and hardware.

In terms of resolving these issues (slide 9), first, there's incorrect use of the wizard. The time to run the wizard is when you're setting up your network. After the network is set up, you shouldn't have to run the wizard again. The wizard should set all settings appropriately for the future. If your network doesn't change, you really don't need to change the host, either. You can add clients without configuring the host or the other clients. You can configure that new client. In terms of the wizard choices, there are some really nice drawings that show up, if you need help, that will help you figure out what kind of network you have. If you don't really know, you can just take a quick look at the wizard, take a look at the pictures it has for you, and then make the appropriate choice.

Third-party firewalls (slide 10) can cause a few problems, too. In this age of the Internet being everywhere, everybody wants to be as secure as possible. So sometimes they install firewalls. The reality with Internet Connection Sharing is that you only need one firewall. That firewall needs to be on the computer that is sharing the connection. Some people want to try to be extra secure and install firewalls on the client computers. You don't need to this because, as I said before, Internet Connection Sharing uses a type of IP address range that isn't broadcast across the Internet. You only really have one computer that shows up on the Internet, that's the only place you need to have a firewall. Installing a firewall in the client computers can cause those computers to not participate in the home network correctly, or not be able to share files, printers, or other common tasks. There are also some older firewalls that are incompatible with Windows XP and that can cause problems with the TCP/IP protocol that is used for Internet Connection Sharing.

As I mentioned before, there's a type of connection called PPPoE, Point-to-Point Protocol over Ethernet (slide 11). In Windows XP, we now include a simple PPPoE client that you can use if your ISP requires you to use that. So if you have a version of the PPPoE, such as WinPoET, and there are some older versions of that software that don't run correctly on Windows XP, it will tell you right off the bat, when you try to install that software, whether it's compatible or not. And then you can try to use our PPPoE software. Our PPPoE software that's included in Windows XP does work with Internet Connection Sharing.

The other problem you may run into with Point-to-Point Protocol over Ethernet is what's called the black hole router. That has to do with the Maximum Transfer Unit (MTU). There is a Knowledge Base article at the end of this presentation on troubleshooting that if you wish, but since this presentation is intended for new users or a basic overview of the technology, I'm not going to go into that in detail. Essentially what it means is that the two networks allow different amounts of traffic. If your ISP has a low bandwidth, and you have a higher bandwidth you're trying to use to send out, your packets may not go out. There are some things we can do to fix that. Like I said, I'm not going to go into that in great detail today.

Another issue you may run into is application issues (slide 12). All Microsoft applications for Windows XP are compatible with Internet Connection Sharing. Internet Connection Sharing uses a special technology called Network Address Translation that is an industry standard, and that's part of what provides the security. It also causes some problems with third-party applications that are not designed to work over Network Address Translation. These could be chat programs, IRC programs, or other sorts of programs. We are working very diligently with manufacturers to help them resolve these issues, so that all their applications work on Windows XP. Microsoft applications are already compatible with Network Address Translation, so you shouldn't have any problems with them. But you should be aware that some client computers in an Internet Connection Sharing home network might not work properly {with third-party software}.

Another hardware issue you may see (slide 13) is kinked or bent cables. The cables in a home network or that are used for Ethernet transmission are quite sensitive. They shouldn't be placed under carpets where they're going to be walked on. They shouldn't be kinked, because this may cause transmission problems.

You could also have a network card that isn't working properly. There are many ways to diagnose that.

You may also have incorrect drivers for the type of hardware you have. You should always ensure that you're using a driver that was designed for the operating system you're attempting to install the hardware on. If you don't have that driver available, you may want to use another computer to go out to the Internet and check the manufacturer for an appropriate driver.

Another common issue that we see is occasionally a cable comes unplugged — while cleaning the house or moving a piece of equipment, a cable is removed. For that reason, the computer appears to be on the home network — you look at it real quick, and the cables appear to be there, but it's really not plugged in firmly. You should be very careful, especially when using cables in a home network, that it doesn't go into a high-traffic area or an area where the cable's going to get damaged, because it may cause you to have to replace the cable on a regular basis.

There are a lot of very nice tools built into Windows XP to help you troubleshoot Networking. You can get to them by going to the Help and Support off of the Start menu, and going to Networking and the Web under the Tools section. A lot of the tools are automatic, and they will tell you right away whether they pass or fail, and you can take a look at what's going on in terms of your network. They're very good, basic troubleshooting tools that you can use without having to know a lot about Home Networking.

Some of the Knowledge Base articles that we have are listed here. Some people think they need to have every computer be the host, and the reality is you only need one, and Q230140 (http://support.microsoft.com/support/misc/kblookup.asp?id=Q230140) explains how that works. There's also Q234815 (http://support.microsoft.com/support/misc/kblookup.asp?id=Q234815), which is a description of Internet Connection Sharing in a little more detail than what we're talking about today. Q241570 (http://support.microsoft.com/support/misc/kblookup.asp?id=Q241570) talks about the security features that I've mentioned today in terms of using Network Address Translation and the types of IP numbers we see. Q159211 (http://support.microsoft.com/support/misc/kblookup.asp?id=Q159211) is the black hole router problem relating to MTUs. So if you think you may have that problem, you may want to take a look at those Q articles. They tend to be fairly technical, and if you're not comfortable with the level of technical expertise provided, call Microsoft Product Support Services. We'll be happy to help you out in resolving that issue.

That concludes the formal presentation I have for today. So I'm just going to turn this over to Jason for the question-and-answer portion of our WebCast.

Jason Bennet: Thank you for that presentation, Curtis. We do have just a couple of quick notes before we move on to the Q&A portion of the Support WebCast. To access information on all upcoming Support WebCasts and the archived content from all past WebCasts, an easy-to-remember URL is http://support.microsoft.com/webcasts/.

We did have a quite a few questions, and we still do have quite a few questions coming in. I want to thank everybody for getting started early and sending those in to me. Again, we will only be able to take questions during the live WebCast.

So the first question is: Do the firewall capabilities in Windows XP allow a VPN connection to be used either on the system running the firewall or another system on the home network using the ICS or firewall system? We routinely use VPN connections from home networks to the corporate network.

Curtis: Yes, you can use VPN connections from any of the computers on a home network. The nice thing about Network Address Translation is that it is an industry standard. So any computer can create a VPN connection going out. I can't comment specifically on certain types of VPN software, such as Check Point VPN software, or something like that. There are some versions of third-party VPN software that may not work correctly on Windows XP. I encourage you to search the Knowledge Base for those. But if you just want to use Windows XP to make a VPN connection, you can do that through your Internet Connection Sharing Internet Connection Firewall (ICF) without having a problem.

Jason: How well does ICS work with USB-connected DSL modems versus Ethernet-connected modems?

Curtis: That really varies, depending on the manufacturer. Because of the way USB works, in terms of a DSL modem, you may or may not be able to share the connection very easily. That really depends on the driver that the manufacturer has provided for that modem. If the driver is compatible and can be bound to Internet Connection Sharing, then it's not a problem.

The area of difficulty really lies with the manufacturers producing drivers. I haven't seen anything specifically with USB-connected modems having a problem, or even network interface card-connected modems having a problem. The advantage of network interface cards is that because they tend to be very common and similar, it's very easy to put them into Internet Connection Sharing. Whereas with the USB version, you really have to depend on the manufacturer to produce a driver that is compatible with being bound to an Internet Connection Sharing connection.

Jason: I do want to make a couple of quick comments. We have gotten several people asking questions that are product support questions. So if it's something where you've tried to set this up on your machine, and for one reason or another it doesn't seem to be working, and you've done everything correctly, it's really going to turn into a product support issue. What I'd suggest you do is contact Microsoft Product Support Services and speak to a support professional. You can also get on the Web, go to http://support.microsoft.com/, and submit an incident right there. So that's probably going to be your best bet, if you have a particular problem you're running into. These question-and-answer periods are really more for just discussing the topic we've talked about and delving into particular intricacies that you're interested in.

The next question: Is ICS a NAT implementation?

Curtis: Yes, Internet Connection Sharing is a NAT implementation. Essentially, Internet Connection Sharing is a DNS forwarder, a DHCP, a NAT, and a firewall all rolled into one item. So the client computers get IP addresses automatically from DHCP. If they want to query other computers by name, the DNS forwarder takes care of that for local addresses and forwards requests on to your ISP for non-local addresses. And then it uses NAT to translate packets to the public Internet from your private network.

Jason: You might have talked about this, but: Can you touch on security issues regarding sharing printers or drives on the network?

Curtis: That's kind of a hard one to understand, in terms of what you mean by security, because there are a lot of levels to that. Because you're on a private network that's using an address range, and in this case we're using 192.168, which is an agreed-upon address within the Internet community, it's assigned by IANA for use in Internet Connection Sharing, those aren't broadcast on the Internet. So anything you're sharing behind the Internet Connection Sharing host never leaves that local network.

If for example you're sharing a printer with your son, who's on a computer that's part of your home network, you're only sharing it with him. Those packets are not transmitted to the Internet.

If you share a printer on your home network, you're not sharing it with the entire world. But if you're also using the firewall in Windows XP to protect that external connection, you're providing another level of security. The firewall that's built into Windows XP is what we call a stateful firewall, which means if for some reason I send a packet out to a server, that packet's allowed to come back. But if someone on the Internet tries to send me a packet without my requesting it, the firewall ignores the packet, and the packet is dropped.

You don't have to worry about people trying to ping your computer or to get into it through an open port, because there are no open ports with the firewall. So in terms of security, in terms of sharing files and sharing printers, because you're behind a Home Network, you're using NAT, and we have the firewall implemented, there are really no security concerns with having that printer or share open or the entire world getting into it.

Jason: The next question: Can multiple users behind ICS run Messenger on the intranet and Internet?

Curtis: The reality of Messenger is that it's an Internet application. To log on to Windows Messenger, you have to have an Internet connection to contact Passport, first to get verified, and then to log on to the Chat Service. So if you have two internal users — after they have Internet Connection Sharing implemented, you have a host and two clients. If those two clients both log on to the Internet and both log on to Messenger, they can chat on the Internet and to each other at the same time, because the reality is that both computers are treated as though they're on the Internet. They can both contact Passport for authentication, and they can both contact the chat server to be logged in.

You shouldn't have any problems at all, in terms of that. You just have to have a live Internet connection for Messenger to work. That's just the way Messenger works.

Jason: Is NetMeeting^® now moot because now that Messenger has video app sharing and so on?

Curtis: That's sort of the idea behind the new Messenger. We're trying to extend NetMeeting into an area where it hasn't existed before and make the interface a little easier. I don't know if you would say it's moot, although Messenger does now cover pretty much every service that you had in NetMeeting. According to our announcement from a few days ago, we're also going to have some voice-over IP services for Messenger that you'll be able to download soon. You will have to sign-up for an account with a voice-over IP provider, but you'll be able to do that through Windows Messenger as well.

Jason: Are there any compatibility issues if your network computers are running different versions of Windows?

Curtis: There should be no compatibility problems at all. Really the only stipulation for any computer running on Internet Connection Sharing or Home Networking is that they use TCP/IP. The advantage of that is that TCP/IP is a universally accepted standard, and I can't think of any computer off the top of my head that users would have commonly in their home that isn't capable of running TCP/IP.

You could also use other networking protocols in specialized instances, such as IPX/SPX. We only recommend the use of IPX/SPX if you have the sort of Home Networking setup where you have a cable modem that goes to two different computers, and they both get public addresses on the Internet. In that instance, the firewall is usually installed on Windows XP. The firewall, because it stops TCP/IP traffic, also stops silent printer sharing. In that instance, what we recommend is that the user install IPX/SPX and bind it to File And Print Sharing for their local network, so that they still have connection to the Internet. They still have a firewall for protection, but then they use IPX/SPX. In that instance, you're really not using Internet Connection Sharing. Those computers are really connecting directly to the Internet. So you're not using the advantages that Internet Connection Sharing gives you, in terms of security and sharing.

Jason: Why has Windows XP Home Edition dropped passwords on shared folders? That's a real pain. How can I keep my kids out of the financial folders that my wife and I share on our home network?

Curtis: This is really a sharing question, not necessarily an Internet Connection Sharing question, but part of the reason that Windows XP Home Edition has changed is, we took a long, concerted look, during the beta, at what people were doing with their home computers. In bringing people to the Windows 2000 platform, which is really what Windows XP is based on, there's a lot more complexity in terms of security, and file sharing was added.

To make sharing simple, we created what's called Simple File Sharing. By default, Simple File Sharing is to the Guest account and the Guest account only. If you disable the Guest account on Windows XP, no one can connect to your shares. Unfortunately, this also means that that's the only way to connect. There's no way to restrict what user has access to a share. This is what we call an advanced sharing sort of question.

This is what Windows XP Professional is for. Windows XP Professional is much more like Windows 2000 in terms of its sharing model, and it allows you to share files and settings to particular users, create all kinds of passwords, whatever you want to use.

Windows XP Home Edition was created for the novice user who's new to computers, or who may not want some of the robust power that's included in Professional. So in order to make it easy for everyone to use, the decision was made for Windows XP Home Edition to use this simple file sharing model, and there's really no way to change that.

Jason: Okay. Can you give a couple of methods for troubleshooting a failing network card?

Curtis: The best place to go is the Network Troubleshooter that's in Help and Support. You can go there, and it runs very basic tests. It runs a loopback test to see if the TCP/IP stack is even working correctly with the network card. It pings itself. It pings the loopback address, and it pings the IP address that's already assigned to the network interface card. That's basically the bottom line test to tell you if the network card is working.

The other thing to look at is the Device Manager. You can go into Device Manager and see if there are any little yellow "bangs." They look like little exclamation marks. If there's a little yellow bang, you can double-click on that item and look at it. It will usually give you an error code, and then you can search for that error code on the Microsoft Knowledge Base, and get some more information about what's happening on your network. Most of those little, yellow bangs are caused by incorrect driver versions.

Network cards don't fail terribly often, but occasionally they do. The way you'll know this is, if the network card is installed, it appears to operate normally in Device Manager, but you can't ping the loopback address or you can't ping the IP number that's assigned to the card. If those two things aren't working, that's a pretty good indication that the network card has failed.

There's a lot more that you can do, but it's extremely detailed, and it would take more time to explain than I have today.

Jason: How can I share a fax printer with a peer-to-peer Windows XP home network?

Curtis: In a peer-to-peer Windows XP home network, essentially you have no Internet Connection Sharing host. Let's say that. Let's say we have no Internet Connection Sharing host. We have just two computers and no Internet connection whatsoever. What you're going to have to try and do is come up with what we call an IP address scheme. The IP addresses should be relatively similar for the two computers. For example, you'd assign the computer with the fax machine 192.168.0.1, and you would assign the other computer 192.168.0.2. That way, we know the two computers are in the same IP address space. When the fax machine is installed on one or the other computers, all you have to do is go into File and Print Sharing and share that item.

Some hardware isn't allowed to be shared. Again, it is up to the manufacturer to produce drivers that allow it to work fully with Windows. If they haven't done that, then there's not a whole lot you can do about sharing. It's really up to the manufacturer. But if they have produced it so that it can be shared, you can go into the Printers and Faxes area under the Start menu, right-click that item, and choose Share. As long as the two computers have some sort of network connecting them, in this case we're using IP with a similar address scheme, they should be able to see each other and then share those pieces of hardware, such as a printer.

Jason: Do you have documentation explaining how to set up a VPN?

Curtis: I'm sure there's an article in the Knowledge Base, but there are so many of them that I don't know the number off the top of my head. You can just go to http://support.microsoft.com/ and choose Windows XP as the product. Then, type in the keyword VPN in the keyword box. It should bring up all the articles related to VPN in Windows XP.

The other thing you can do is go into the Help and Support in Windows XP and search on VPN. The instructions for how to create a VPN connection using the Make New Connection Wizard are included in the product.

Jason: Is Internet Connection Sharing visible from the ISP?

Curtis: No, it is not. As far as the ISP is concerned, there's really only one computer. They assign one public IP address to the one computer that is acting as the host. This is a very in-depth thing to explain, but I'll try to make it as simple as possible. Your internal computers have an IP address range that is not transmissible on the Internet. If you sent a packet out with that IP number, any router on the Internet would drop the packet. That's part of that IANA agreement with the IP numbers. What happens is, the client computer sends a request to the host. The host slightly alters the packet header, then replaces it with that public IP address from your ISP and then sends the request on to whatever your requesting — any Web site, say microsoft.com. And microsoft.com then responds. The host computer sees that return packet, checks itself to see who sent out the originating packet, and then sends it back to that computer. So as far as your ISP is concerned, they have no idea that you're using Internet Connection Sharing.

Jason: Does Windows XP support Check Point SecuRemote VPN-1 clients when Internet sharing over a cable DSL?

Curtis: I really don't know about specific products off the top of my head. Again, I would suggest searching the Knowledge Base or the Windows XP site. Try http://www.microsoft.com/windowsxp/ for Windows XP and http://support.microsoft.com/ for the Knowledge Base search, and type in the keywords of the product you're interested in. I believe there's a list on the Windows XP site that has to do with application compatibility that will tell you if we know that an application doesn't work correctly. If it doesn't work correctly, there will be a Knowledge Base article for you to refer to.

Jason: Is this a good place to search for hardware as well? I have a couple people asking about NIC cards —

Curtis: The best place to go for hardware compatibility is the Hardware Compatibility List, and that's http://www.microsoft.com/hcl/. You can look at the entire list of network cards by choosing Network Cards in the option box, or you can type in a particular manufacturer and look them up. What that page will do is it will tell you if Microsoft has tested the device. There are two different types of compatibility that can show up. There's an icon that says compatible, and there's an icon that says logoed. If an item it compatible, it means we've tested it and it's compatible. If it's logoed, that means the manufacturer has submitted a driver to us. We've tested it, and we've given it Windows XP certification. You can also just walk into any store, a BestBuy, a CompUSA, or whatever your local home electronics store is, and you can look at the packaging for a piece of hardware. If it's been logoed on the side of the box, you'll see "Ready for Windows XP" right there, and you'll know whether or not we've tested it and certified it to be ready for Windows XP.

Jason: Can you name some common applications that are not NAT compatible?

Curtis: Some that I know right off the top of my head are some of the older versions of mIRC. The reason they don't work well with NAT is they use what's called a complex protocol. So the request goes out on one port type. It comes back on several. NAT cannot deal with that. When the replies come back to the port that it wasn't sent on, the firewall and the NAT don't know what to do with it. So the packet ends up being dropped. For the most part, with your common applications, because Windows XP has been in development for a while, we've notified manufacturers of the changes to NAT and Internet Connection Sharing.

One of the new things we've added is called Universal Plug and Play networking. This isn't to be confused with hardware Plug and Play. Universal Plug and Play is a new networking standard that allows items to advertise themselves on your home network. In this case, Internet Connection Sharing advertises itself. So if you create a Windows XP Internet Connection Sharing host computer, it will advertise the fact that it is sharing a connection to your entire home network. At this time though, only Windows XP clients will be able to understand those packets. Windows 98 and Windows Millennium Edition do not currently understand Universal Plug and Play. What you'll see on a Windows XP client is, "I have just detected a new connection being shared on this computer. Would you like to use it?" It will then automatically use that connection for your Internet connection. You really don't have to do a whole lot of setting up. That's because Universal Plug and Play has advertised it for you. Network Address Translation also uses Universal Plug and Play.

So to a degree, we rely on the manufacturers of software to add these Universal Plug and Play things to what we call the complex protocol stack, such as IRC clients and other things, so that they can tell the firewall, "I'm going to go out on this port, but I'm going to come back on these other 10 ports. When I come back, be sure to open them." I honestly expect most manufacturers to add Universal Plug and Play support to their applications so that they work properly behind NAT Internet Connection Sharing, and so they can work just fine on any home network.

In terms of Universal Plug and Play, we're also working with third-party NAT providers, and what are also known as cable DSL routers or home gateways, which are made by a lot of companies. Currently, the disadvantage of using them over Windows XP Internet Connection Sharing is that some Windows XP items will not work correctly behind those types of NAT items, because they don't have Universal Plug and Play. So they don't know what ports to open for return requests to come in on, but they are going to add that sort of functionality. Many of them have already announced flash upgrades to their devices to add Universal Plug and Play. If you want to add that sort of functionality, you should contact your hardware manufacturer for assistance.

Jason: Is it true that Windows XP DSL support is DSL modem-dependent?

Curtis: Support for just about anything is modem-dependent. Our DSL support varies depending on the kind of DSL modem you have. There are some USB DSL modems that aren't compatible with Windows XP, and that's because the manufacturer has not created drivers that work with Windows XP. Other DSL modems are external to Windows XP, and we have nothing to do with them. That's the sort of DSL modem where you have it connected to a network interface card. The third type of DSL is where you still have a network interface card, but you're required to use Point-to-Point Protocol over Ethernet, which is called PPPoE.

We include a simple sort of PPPoE version in Windows XP. This works with the major ISPs. It doesn't work with some, and you may have to use their software. In some cases, they haven't upgraded their software for Windows XP, and this can be a problem. This is sort of a thorny issue in terms of hardware and software, in terms of what you're using. It can be rather complex if you really don't understand what's happening in terms of drivers, hardware, and software.

Jason: If you want to use a hardware router, is there any benefit lost from not using ICS in Windows XP?

Curtis: Like I mentioned before, those hardware routers don't currently support UPnP. So if you have Windows XP clients {that are running earlier versions of Windows} or client computers, some applications won't work correctly; for example, Windows Messenger. With Windows Messenger, when you're using Internet Connection Sharing to share your connection, everything works perfectly, but if you're using a NAT, you can only use text chat. You can't use voice chat. You may not be able to transfer files, and you may not be able to do some of the other advanced functions, such as video and voice over the Internet. Again, that's because those NATs aren't capable of understanding the UPnP data that tells them what ports to open for those services to work.

No, you're not losing a great deal, but you may lose the ability for some programs to work correctly behind that NAT, because the NAT is not yet designed to understand our packet types and to allow those applications to work correctly.

Jason: We have several questions that are related to that. I'm going to clear through them. Can I use a cable router in place of a host computer with Windows XP Professional on some of my PCs? I was using a PC, but when I upgraded one of my computers to Windows XP Professional, it no longer worked. Windows XP wants to see Windows XP on the host computer also. If so, must I use a certain type of router?

Curtis: No, you don't need to use a certain type of router, but it sounds like you have a thorny network issue that may need deeper troubleshooting, and it's sort of beyond the scope of what we're talking about here today.

Jason: Okay. Again, if you're looking for one-on-one troubleshooting help, the best way is to get on the Internet and go to http://support.microsoft.com/. There are links on the left navigator bar to Request Support. That will get you in touch with a product support professional, either by phone or by e-mail. So that's a quick way to get some help on those kinds of questions.

Curtis: That's what I have at home, believe it or not. I have a cable modem connection that goes to a Linksys router that then connects several Windows XP computers that I have in my house. At the moment, I'm just living with the fact that I can chat on Windows Messenger, but I can't do a lot of the other stuff. Essentially, I'm just waiting for Linksys to produce their UPnP upgrade that they've already announced publicly, so that the features will work normally. So the way I have mine wired is, the little cable comes in from the wall and goes to my cable modem that's from @home. I then take that to my Linksys router via a 10-megabyte Ethernet cable, which then shares the connection to all my computers. There are some other connection settings that you have to set up, but those are Linksys specific, and you should probably refer to your manual or to Linksys for additional help.

Jason: Okay, great. Can we use pcAnywhere while using Windows XP Internet sharing?

Curtis: Yes, you can use pcAnywhere. What specifically you want to do with it, I don't know. For pcAnywhere, I think there is a compatible version that has been written for Windows XP. I'm not 100 percent sure on that. You'd have to check Symantec for questions like that. The only problem you will have is that pcAnywhere will only be able to connect to the host computer that has a public IP address, because you won't be able to specify that private internal address. As I mentioned before, it's not public on the Internet. There are some configuration settings you can use. If you know the port that pcAnywhere is using to connect, you could forward that port to the internal computer. That's sort of an advanced setting. There are some articles in the Knowledge Base on how to use Internet Connection Sharing and the firewall in Windows XP to forward requests like that to earlier-version clients.

Jason: Will you need two network cards in the host computer to run ICS?

Curtis: Well, that depends on the connection you have. If you have a modem, you need a modem and a network card. If you have a cable modem that requires a NIC card, then you need one NIC card for the cable modem and one NIC card for your internal network. In that sense, you do. If you have a USB DSL or cable modem, then you already have an external connection, and you just need one NIC card for the internal connection. Then you just share that external connection, but yes, you do need at least one network interface card, for the host computer, for it to participate on the internal network. That network interface card can be wired or wireless. It doesn't matter in terms of Windows XP; but you will need at least one NIC.

Jason: Can I use a firewall like ZoneAlarm Pro instead of the firewall included with Windows XP?

Curtis: You can use any firewall that you would like. We include a very simple firewall in Windows XP to provide people with security that they've been looking for. If you'd rather use ZoneAlarm, you're more than welcome to use that. The last time I checked, ZoneAlarm had a new version for Windows XP that is compatible and does run on Windows XP.

Jason: If I have the main ISP connection PC running Windows XP, will the sharing PC need any additional network protocols, aside from TCP/IP?

Curtis: No, you shouldn't need anything other than TCP/IP. TCP/IP is really what we recommend. The only time you need other protocols is when you have the special scenarios where all the computers have direct connections to the Internet. If you have a single computer that's acting as the host and several earlier-version Windows computers that are the clients, then all you need is TCP/IP. And you do need File and Print Sharing for Microsoft Networks if you want to share printers and files and that sort of thing. But in terms of just the network protocols, all you need is TCP/IP.

Jason: Okay. How does Windows XP decide how to distribute the bandwidth between the users?

Curtis: That's an extremely technical question, and the best way to answer is that the bandwidth is available to all the users and is divided equally among them when they all try to make a connection, but if one of them is not using its bandwidth, that extra bandwidth is allocated to the other computers. It's a lot more technical than that, and it involves a lot of very deep programming algorithms that are beyond the scope of our presentation today.

Jason: Would a commercial audio/video program interfere with Home Networking? I'm not sure what they're referring to here. They haven't mentioned any applications specifically.

Curtis: I really couldn't comment specifically, but my best bet on that would be no, it shouldn't interfere. It's not a network sort of application. That would be an application or piece of hardware that is separate from networking. And as far as I know, that shouldn't interfere with your networking at all.

Jason: Are there any issues with using NetMeeting for Internet Connection Sharing?

Curtis: Off the top of my head, I can't say for sure. I would suggest searching the KB. As far as I know, NetMeeting is not Internet Connection Sharing compatible, because of NAT. I think that some parts of it work and some parts of it don't. I would suggest searching the KB for articles on NetMeeting and NAT to see if there is anything specific. But off the top of my head, I can't say for sure.

Jason: Okay, the previous user followed-up on the question about AV software, and I've betrayed my background. I'm an AV person, meaning I'm an audio/visual person, and they're actually referring to anti-virus. So let me get back to the original question. Does a commercial anti-virus program interfere with any Home Networking?

Curtis: As far as I know, no, anti-virus does not interfere with Home Networking. Some anti-virus programs do try to connect to the Internet on their own to download updates. If you have a regular, old phone modem, that may cause your modem to dial when you don't expect it to, because the program is trying to dial out. Other than that, no, anti-virus programs generally do not interfere with Networking, because they're really looking at the reading and writing of files on the local computer. So the only time it would come into play is if you were connecting to a computer that had anti-virus software and were trying to write a file to that computer. Then the anti-virus application would try to check that file as it was being written. But in terms of actually preventing communication between computers, I don't see any reason why anti-virus should do that.

Jason: Do you have any documentation or do you have a pointer to information on troubleshooting why a client cannot access some Web sites but can access others?

Curtis: The best place I can tell you to go is again the Knowledge Base. The Knowledge Base contains everything that we know in terms of troubleshooting, and it's meant to help you all solve your own problems. Off the top of my head, I can't give you article numbers, because there are literally hundreds of thousands of Q articles, that's what they're called, in the Knowledge Base. I would suggest searching through there and trying to find a Q article that relates to your specific problem.

Jason: I just want to make sure that we can point these folks to something. Can you give them information on maybe pointer words or good words to use in the KB? I know doing searches in the there for the first time can be a little harrowing. Do you have words you can point them to that would help them troubleshoot client access for Web sites?

Curtis: Yes, if you're having trouble with a client accessing a Web site, you're generally talking about Internet Explorer. So you want to use "IE" as a keyword or "IExplorer," maybe. Another thing you want to look at is "DNS." It's called Domain Name System, and a lot of times the problems resolving Web pages deal with DNS. A lot of the basic network troubleshooters for that sort of problem work for any computer that is an ICS client or host. You can pretty much ignore the fact that you have ICS turned on. If you can get to some pages and not others, the thing to check is, does the client have that same problem? That's the big thing. If the client can reach all of the Web pages, then there's something happening on your internal network that is preventing browsing. There are several KB articles in the Knowledge Base. You want to use keywords like "Networking, Internet Explorer, DNS, Browsing," those sorts of things.

Jason: Okay, great. I think you've already answered this, but I'm going to go ahead: Can we use MSN^® Messenger Voice and Video under Windows XP Internet Connection Sharing?

Curtis: Yes, you can. I've already mentioned that, and yes, Windows XP, because it uses Universal Plug and Play, allows all the full features of Windows Messenger to work perfectly as the client and the host.

Jason: Does PPPoE support both machine and user identification across the network to be fully validated across the domain?

Curtis: PPPoE is a user name and a password for a network. It's not really a machine authentication. The way it's implemented is really up to the type of PPPoE software you're using. Windows XP PPPoE software is very simple and doesn't necessarily do machine validation. That's up to your ISP, as to how that's implemented. So I can't really comment specifically.

Jason: Why would I want to use ICS instead of the sharing features built into my cable or DSL router?

Curtis: As I've mentioned before, your cable or DSL router doesn't currently support Universal Plug and Play, and because of that some features of Windows XP don't work correctly, the most obvious one being Windows Messenger. In Windows Messenger, only the Chat feature works. You can't do Voice and Video. You can't do file transfers. Another thing that doesn't work is Remote Assistance. We have come up with a special way to get around that for Microsoft Product Support Services. We have a special terminal server that you log into and that we log into as well, and that allows us to do Remote Assistance when you're behind what we call a third-party NAT, which is what you'd be using. If you try to do Remote Assistance with your friends in one of the other views behind a NAT, it's not going to work, unless that NAT is already UPnP capable.

The other advantage is, you already have Windows XP, and you've already paid for the basic NAT that's already there, and all you need to do is get an inexpensive network card. You're paying a little more to get a third-party router, if you don't already have it.

Jason: Are there any special considerations that I should note for sharing two-way satellite connections?

Curtis: The only thing that I can think of is that some two-way satellite connections use a USB-type connection that cannot be shared. If they're using a basic network interface card, there shouldn't be a problem sharing that at all. Some of that is going to be hardware specific, and because the hardware varies greatly, I can't say for sure if you're going to have a problem with the hardware you have.

Jason: How does it affect performance to have everything local?

Curtis: I don't really understand that question. When you say "performance" and "local," performance of what and local to what would be my next question.

Jason: We can always follow-up with the users. If that user would put "follow-up" at the beginning of your clarifying information on that question, and just send us another message, we'll follow-up with you.

Curtis: The only connections that we're using, in terms of DHCP and DNS, are the ones on the internal network. Internet Connection Sharing is really only meant to support about five or so computers. More than that, and you're taxing it— there are sort of mini-versions of DHCP and DNS that we've written. So basically, it's just like any other DHCP request for any network. The client makes a request for a DHCP server. The ICS host responds, and then gives them a lease for an IP number, which includes the DNS information and other information that you need for TCP/IP. It all happens automatically; and essentially, it's right along with the standards for DHCP and DNS.

Jason: Is there any benefit to a third-party firewall over the one included with Windows XP?

Curtis: The only benefit I can see with a third-party firewall is that it's on all the time without having to have another computer on. With ICS and Windows XP, if the other computers on your network want to connect, that computer needs to be on in order to handle the ICS request.

Jason: You mentioned that a firewall is not required on each client, but what if you are using wireless LAN at home?

Curtis: The wireless LAN includes WEP, wired equivalent privacy. And you don't need a firewall for that, because wired equivalent privacy encrypts all the wireless packets. It's up to you to implement that, and you have to do it according to what your manufacturer has it set at. So that's what you can use there.

Jason: I think this is a follow-up to the question about, Can the ISP see the Internet Connection Sharing, and your answer was that there was a unique IP assigned. Their question is: How will it work for games that require a unique IP to join?

Curtis: Again, that's another small problem with NAT. It's up to the manufacturers of the games to produce UPnP headers for those games, so that the NAT knows what to do. There are a handful of games that have had articles written on them. This is where you host a game as a client and everyone can see it, but they can't join it, and that's because the NAT doesn't know how to translate the request back to you. So that varies based on the game. Most Microsoft games include {a technology for applications to traverse NAT} for older games, and the current DirectX^® games work just fine through the NAT. But with some third-party manufacturers of video games, you may have problems hosting a game on an ICS client, whereas you don't have problems on a host. That's going to vary on a game-to-game and manufacturer-to-manufacturer basis.

Jason: Okay. This question might have already been answered: With the ICS firewall, will I have any problems trying to use NetMeeting? What about Microsoft Messenger? Are the protocols used the same?

Curtis: The protocols are still the same port numbers and such. But yes, NetMeeting does have some problems on client computers because of NAT, and it always has. That's not a change in terms of Windows XP. The new Windows Messenger that's included in Windows XP, because it already has the UPnP stuff that I mentioned before, uses it without a problem. So if you have a Windows XP ICS host, you shouldn't have issues. You may have some issues with older versions of Windows and older versions of Windows Messenger. If you have the newest version of Windows Messenger on all your computers, and you have Windows XP as your ICS host, you should not have any issues, at least none that I'm aware of.

Jason: Do you need a connection to the Internet to use Messenger with Exchange 2000 Server?

Curtis: There is another version of Messenger, it's called Exchange Instant Messaging, and I believe that's put out by the Exchange group. I'm not sure how that works, but what you do is, instead of connecting to the Internet to do messaging, you connect to your Exchange server. In that case, you can only chat with people who are on your Exchange network. And that's really not a Home Networking issue, because Exchange is really deployed in a business environment.

Jason: Can you run video conferencing over Internet Connection Sharing?

Curtis: That's going to depend on the software you're using. Like I mentioned before, it's going to be up to the manufacturer to produce Universal Plug and Play extensions for that application so that it can work properly through the ICS connection. Right now, the only thing I know that works correctly, just off the top of my head, is Windows Messenger. But I'm sure the other manufacturers are already working diligently to produce updates to their software to work properly behind ICS and NAT.

Jason: This is one of those questions where I'm not sure what they're referring back to. Can you comment on using NetBEUI?

Curtis: NetBEUI in Windows XP is now an unsupported protocol. You're welcome to use NetBEUI. It's included on the CD that comes with Windows XP, but it's unsupported. Because Microsoft invented NetBEUI, it's getting to the point now where NetBEUI is no longer a necessary protocol. TCP/IP, because it's a standard, is a much more attractive protocol in terms of networking. So if you want to use NetBEUI, you can, but it's unsupported in terms of Windows XP, and you can install it off your Windows XP CD.

Jason: How do I identify the IP address used for my office network's ICS host? I need this IP address for the VPN wizard's Server Selection dialog box.

Curtis: One of the easiest ways to get your IP number is to click on Start and click Run, and then type cmd for command. That will give you an MS-DOS^® prompt. Then, you type ipconfig /all. That will show you all the IP information for that computer, and all you have to do is find the connection that is your external connection — it may be a modem, or whatever it is, and the IP number for that connection will be listed there.

The other way you can get that sort of information is if you've already set up your network, there's an option in the network connection to show an icon in the notification area when that network is connected. It looks like two little computer screens, and occasionally they'll blink. What you can do is right-click on that icon, and then choose the Status option. There will be a tab that comes up; one says General, and one says Support. Click on Support, and then there's an option that says Internet Protocol TCP/IP and a button that says Details. If you click that, you get the same information that you would get from typing ipconfig /all.

Jason: Are there any differences between using FAT32 or NTFS with ICS?

Curtis: No, there's not. Those are just local-type. That's basically how your files are formatted. And because networking uses what's called a server message block, it doesn't matter what type of format your computers have, because when they connect to each other, the server message block transfers the information about the files. So it doesn't matter if one computer is NTFS and another one's FAT32. That really has no bearing at all on networking.

Jason: The next question concerns networking a PC and a Macintosh. Is it possible, and do you have any pointers, if so, to documentation on this?

Curtis: Yes, it is possible. The only thing is the Mac needs to be able to run TCP/IP, and for it to run as efficiently as possible, the Macintosh needs to be able to get that IP address automatically. So as long as the Macintosh has TCP/IP and can get its address via DHCP, for example, then ICS works correctly. You can also hard code, type in that IP address if it's in the correct range for ICS; but it may or may not work correctly, and that's really something that sort of weighs on the Macintosh side.

Again, you'd have to search the Knowledge Base. I would search on "ICS, Macintosh," and "IP" for those sorts of things. For the most part, really, all that needs to happen is the Macintosh needs to run TCP/IP, and it needs to be able to obtain that IP address automatically. Then, you shouldn't have any problems at all.

Jason: When using ICS on a small home network, if some computers are using Windows XP Professional, must I use a PC with Windows XP as the sharing host PC?

Curtis: You could still have the host PC be Windows 98 or Windows Millennium, but if you want to have the most robust services and supportability for everything, it's usually recommended to use the newest operating system as your host. If you have a network that's made up of Windows 98, Windows Millennium, and Windows XP, it's generally recommended that you use the Windows XP as the host computer. The reason for that is that it has the newest version of ICS and will support the full range of features that you enjoy on your PC.

Jason: We do have a couple of questions coming in again about particular network cards and particular hardware, and @home cable modem support. Is this going to be answered by your hardware compatibility page that you mentioned?

Curtis: Yes, the hardware compatibility list is not the answer to everything, but it's got all the hardware that we've tried to test or that we're aware of. So that's the best place to go for any sort of hardware or driver issues. The hardware compatibility list tells you if Microsoft has tested that hardware and whether or not it's passed our testing. If it hasn't passed our testing, the only other place I can really recommend you go is the manufacturer of that hardware. They may have produced Windows XP drivers without informing us, and that's just fine to view as well. You can go to that hardware manufacturer and download drivers. Sometimes, if they don't have Windows XP drivers, you can use Windows 2000 drivers, but there's no guarantee that they're going to work correctly with Windows XP.

Jason: Okay. This one kind of delves into that a little bit: Will Windows XP support the 3Com HomeConnect Phoneline network cards? I bought these cards because they use the Microsoft HomeClick software, but the HCL does not seem to support these cards.

Curtis: Unfortunately, those cards have had some problems even in Windows Millennium, when I was a support engineer there. 3Com decided, when we released Windows Millennium, not to continue creating drivers for further operating systems. So even though the cards theoretically could work in Windows Millennium and Windows XP, 3Com has not produced drivers for these devices in Windows XP. So many times, those older devices don't work in Windows XP, and that's really an issue of the manufacturer not creating an appropriate driver for the operating system.

Jason: Again, if they want to know about particular cable modem support, they're going to want to go to that HCL page.

Curtis: Yes.

Jason: Okay. This is becoming a one-on-one product support question, but I thought I'd ask it, because it concerns ISDN, and we haven't seen much of that: I have a small network set up using an ISDN router hub, and a Hewlett-Packard print server on the hub, which allows Internet and printer access from either computer directly, without the other computers on. What is the best setup for this type of network that will maintain the security of my computers?

Curtis: That's really going to vary with the kind of hardware you have. I believe you said you had an ISDN router in this case, that's supplying IP addresses to your down-level clients. That's going to depend on whether it's using a NAT implementation that uses a private IP address, or if it's using a public implementation. So it's really going to vary, depending on how your network is set up. And it really boils down to, if you have public IP addresses that are not using NAT, if they're not in the range of 192.168, then you're probably getting public IP addresses from your ISP. I would recommend having some sort of firewall, either the Windows XP firewall or another firewall. If you're getting 192.168 addresses on those client computers, you're already using a NAT implementation that is protecting your network, and you shouldn't have to worry.

Jason: This is a follow-up to the question about gaming and unique IPs with some games: Games like Half-Life require a unique IP. Will ICS allow two people to join the game using NAT?

Curtis: I can't comment specifically, even though I'm a Half-Life player. I don't know of any issues regarding that. As far as I know, you could have everyone inside of your home network playing a game that's on the Internet. You can also host a local LAN game, and anyone who's local on your LAN will be able to play without a problem. The only problems that I can see is, if you were hosting a game on your local LAN, and people outside of your local LAN, on the other side of your ICS host, were trying to join, that again would be a problem: would the ICS host know the proper port to forward to the computer acting as the game server? You may have to configure that manually, because I don't think Half-Life supports Universal Plug and Play yet.

Jason: I managed to miss this comment the first time I read the question about the ISDN. I think we're really getting into a product support area here, but: The computers on my ISDN router hub have Windows XP and Windows 98 Second Edition, and the only way I could get them to communicate was to install NetBEUI on Windows XP.

Curtis: Yes, that really is turning into more of a product support issue. The other way you can get them to communicate is by using IPX/SPX. It's beginning to sound like whatever network that is, has several public addresses. So it's not using a private address range. Which means when you set up Windows XP, it was probably done with the wizard, choosing, I have a connection directly to the Internet, which installed a firewall, which halts TCP/IP traffic. So it's becoming more of a quagmire issue. If you're still having problems with that network, go to http://support.microsoft.com/, like we suggested earlier, and either submit a request for assistance via e-mail, or you can call our support numbers and get support that way.

Jason: Okay. Will any Windows 2000 drivers work with Windows XP, or do I need to get new drivers?

Curtis: Like I've mentioned before, some Windows 2000 drivers do work with Windows XP. You will get a warning about them not being tested for Windows XP, and you can continue anyway. The nice thing about Windows XP is if the driver causes a problem, you can always use the Driver Rollback to go back to the driver that was there previously. There's no guarantee with Windows 2000 drivers, if a manufacturer hasn't produced Windows XP drivers. You can attempt to use the Windows 2000 drivers, but again, there's no guarantee they're going to work correctly.

Jason: A question about NAT: Are you saying that Windows XP has a new type of NAT that's not supported by current routers?

Curtis: What we've done is we've created an extension to NAT. NAT is still the same. We haven't changed NAT. What we have added is Universal Plug and Play Networking. Universal Plug and Play Networking allows us to dynamically change the settings on the NAT to open and close ports as they're necessary from client computers for client services that use Universal Plug and Play. So essentially we've added an extension to NAT. It's still the standard NAT, but we've added an extra level of ability for the computer to do more dynamic sorts of activities in terms of your network. So if you need a port opened for a particular activity, that port is opened when it's needed, and closed again when it's not needed, to maintain network security.

Jason: You said that some DSL providers find the Windows XP PPPoE does not work. Is this an issue involving a single computer, or is it one that involves ICS in conjunction with a PPPoE Ethernet connection to a DSL provider?

Curtis: We're really not talking about ICS in that scenario. The ICS host is the only one that really needs to establish the PPPoE connection. The other client computers receive the shared bandwidth from the host computer. What I was saying there is that we have an implementation of PPPoE that works with some ISPs and not with others. It's just a matter of how the ISP has its PPPoE servers set up to accept those connections.

Jason: I'm not certain I'm reading this question right: Is Quality of Service required for ICS 4.0 for home LAN connections?

Curtis: No, Quality of Service isn't required. That's the QOS you'll see in the list of items there, and it does help maintain TCP/IP packet status for your network to operate more efficiently. It's not required, but it is usually recommended with TCP/IP.

Jason: There are IEEE authentication options with Windows XP that did not exist with Windows 98. Can you please explain these options and why or when it is to be checked off?

Curtis: Yes, actually that's pronounced I-triple-E, and that's the Institute of Electrical and Electronics Engineers. They've come up with a standard you're generally not going to use in Home Networking. If I understand the question correctly, there's an area on the connection under Authentication that says, Enable network access control using IEEE 802.1x.

You're not really going to use that in a Home Network. It's turned on by default, but if Windows XP is connected to a corporate LAN that supports the IEEE 802.1x authentication, the machine can be authenticated that way. In corporations, it's meant so that if a visitor comes to visit, I can have two types of networks, one that's 802.1x authenticated and one that's not. What 802.1x allows me to do in a corporation is say, "People who have computers that have this user name and password are allowed to use the corporate network. People who don't, only get an Internet connection. They can't access our mail servers" and things like that.

You're generally not going to see IEEE 802.1x connections in home use, because they're smaller networks, and 802.1x authentication in terms of being authenticated is done on the server. You can turn it off on your Home Network if you want. It really won't affect anything at all.

The only other items I can think of that use 802.1x authentication are some wireless cards, and again, that's up to the wireless card manufacturer and the type of access point you have for wireless networking.

Jason: You answered a question regarding DirectPC USB. I believe you said that it wouldn't work with their USB-based systems. Is this correct?

Curtis: It may not work. I don't know 100 percent for sure whether it's going to work or not. Again, that varies by hardware and driver. But we have seen some issues, and there are some Knowledge Base articles about certain USB cable modems and some USB DSL modems, which I guess falls into the category of these DirectPC USB connection devices that don't work with ICS. Now, that just has to do with the way that the manufacturer of the device has written the driver, in that it can't be bound as an ICS-hosted connection.

Jason: Will ICS work with Windows 98 clients and Windows XP as the host?

Curtis: Yes, it will. It's designed to work with all Windows clients. Essentially, anything that can run TCP/IP can work behind ICS, as long as it supports DHCP-assigned IP addresses.

Jason: When using VPN on Windows XP, and the routing table changes, is there any way to keep the connection active?

Curtis: That's getting into a deeper support question, and if you're having difficulty with that, I really encourage you to make a request for support on our home page, via the Web, or to give us a call, because there are a lot of issues that can really affect how that's working. That's really going to become a support issue.

Jason: Have you seen many incompatibilities with Internet Explorer 6 and secured Web sites?

Curtis: There are some Web sites that don't yet recognize Internet Explorer 6 as a valid, secure version of Internet Explorer, and you will get errors. A lot of those errors will say, "You need to download Internet Explorer 5.5 or 5.0." That's just a matter of the host of the Web site updating their security sheets so that they include Internet Explorer 6 as a valid browser.

Jason: Can Windows Messenger on Windows XP, using Internet Connection Sharing, talk to another computer on the Internet that uses NetMeeting video and audio?

Curtis: No, it cannot. Windows Messenger can only talk to Windows Messenger, and NetMeeting can only talk to NetMeeting. They can't cross-talk with each other.

Jason: I think several people didn't know what you meant by NIC cards. Can you talk a little bit about NIC cards, what they are, and what they do to make Internet Connection Sharing possible?

Curtis: NIC stands for network interface card. It's an Ethernet card that you can buy just about anywhere. I think they even sell them at Wal-Mart now. Essentially, it's a card you plug into your computer that uses an Ethernet cable to perform TCP/IP networking. It's very simple to use. You just install it, and this is assuming you have a compatible version, and Windows XP will recognize it — install the appropriate drivers, if it has them, or ask you for them, if it doesn't.

If you're familiar with modems, your modem uses your phone line. Well, a NIC card does the same sort of thing, only it uses Ethernet to do it. The reason it's possible is that Ethernet cards and Ethernet support what we call multiple hosts on the same network, the host being a computer. The reason that it's used is, it's a common industry standard that's easy to get and easy to use, and it allows us to share that single connection, be it modem, DSL, or cable.

Jason: How do I make Windows XP share Internet access with AOL? Are there any differences or any issues that might come up?

Curtis: That's going to depend on AOL. If they're using a Connection Manager type of connection, Connection Manager connections cannot be shared. They don't have the option for that. So if AOL is using a Connection Manager type of connection, you can't share it. But for the most part, if they're using just any sort of standard dial-up connection, all you have to do is right-click the connection you're interested in sharing, go to Properties, and then the Advanced tab. On the Advanced tab, there'll be an option to share that connection. So it's really a matter for the ISP. I have seen people share AOL connections. I have not seen them do it with the latest version, though, so I can't comment 100 percent on that.

Jason: I was wondering how we could set up an IPX/SPX protocol on Windows XP.

Curtis: The easiest way to install IPX/SPX is to go to the Network Connections folder and pick the connection you're interested in. You'll notice that under the connection is a listing. Actually, you have to choose Properties first, my mistake. Right-click the connection you're interested in and choose Properties. You'll see This connection uses the following items. If you want to add IPX/SPX, all you have to do is hit the Install button, choose Protocol, and then click Add. It will give you a list of protocols that can be added to the protocol in question, and one of those in the list will be NWLink IPX/SPX. You just click OK, and it will add the protocol to that adapter.

Jason: Is it possible to change the default port assignments for ICF default services?

Curtis: Yes, you can. The easiest way to do it is again, go to Properties of the connection you're sharing. Go to the Advanced tab. If you have a check mark in Protect my Computer, which is the Internet Connection Firewall, you'll see the button at the bottom that says Settings become available for clicking. When you click that, you'll get an Advanced Settings area. In there, you can change settings. FTP is there, and that's the default FTP setting, and that uses TCP/IP port 21. But if you want to use something else, you can add your own list in there and add anything you want to any protocol you want.

Jason: Did you mention there was a known issue with a Linksys router?

Curtis: Linksys has announced that they're going to produce a flash upgrade to their routers to make them UPnP compatible. As for some other major manufacturers, such as NETGEAR and 3Com, when those are going to be available, I don't know. That's really up to the manufacturer.

Jason: Where should they go to check that, just to the Linksys site?

Curtis: Yes, just go to the home page for your manufacturer, either www.linksys.com or www.netgear.com {Editor's note: These Web sites are outside of the Microsoft domain, and Microsoft is not responsible for their content}, and they should have some information there about being compatible with Windows XP. Linksys did make an announcement that they were going to produce flash BIOS upgrades for their routers to allow them to be UPnP, so that services on Windows XP that use UPnP to do the really rich things, like voice and video using Messenger, will work.

Jason: How much does a wireless network slow down your Internet connections?

Curtis: It really doesn't slow down your Internet connection at all. The only consideration in terms of bandwidth is, what is your outgoing connection? If your outgoing connection is a 56-Kbps modem and you have a 10-megabyte connection to all the other computers, you still only have 56 Kbps via the modem. So that's really where the bottleneck is. Wireless or wired isn't really going to affect how fast your connection is. The thing that really affects your connection is your outgoing connection — DSL, modem, satellite — whatever you're using. That's really where your bottleneck is. So whether you're using wireless or wired really doesn't apply to that.

Jason: I'm not certain this is related to ICS, but: Are there any problems with imaging with the Windows XP operating system and the Microsoft School Agreement licenses?

Curtis: That's really a setup or installation question. That's not really a Home Networking question, and it's way out of the scope of what we're talking about today. I'm not the expert for setup, so I really can't comment there.

Jason: Okay. This question, we might have answered. I just want to make sure we get it asked. Can Windows 2000 be an ICS host?

Curtis: Yes, it can.

Jason: Okay, good. It looks like this is the last question, and again, I'm not certain if it's something related to ICS: How do Terminal Services work with Windows XP?

Curtis: To a degree, that is a Home Networking question, because we use Terminal Services to do Remote Assistance and to use Remote Desktop on the Professional version of Windows XP. Essentially, it's a one-user license of Terminal Services that's built-in, so that if you have the Windows 2000 Professional version, it's using Remote Desktop. If you have a computer that's live on the network and you go somewhere else, and you want to connect to it from anywhere in the world, you just need to know its IP number, and it will use a Terminal Server client to connect to it.

Remote Assistance also uses Terminal Services, but in a slightly different way. If you haven't checked out Remote Assistance, I'd really encourage you to check it out. It's one of the neatest features in Windows XP. I like it because it allows me to help my parents in the middle of the night, without having to fly to their house in Kentucky.

All you have to do is put that computer on the network, make a request for Remote Assistance, and then the person who's helping you can see your screen when you give them permission. They can tell you where to click and what to click on, or you can even give them control of your PC, and take it back at any time by hitting the ESC key. We use this at Microsoft Product Support Services so that if you have a problem, and it's much simpler for us to just fix it for you, you can give us control of your PC. We can then fix the issue. You can watch exactly what we're doing, and we explain to you what we're doing, but you can also use this with your friends. If you have a problem and you have a friend who's a computer expert and you want him to just take a look at your PC, you can use Remote Assistance to have him take control of your PC, or you can show them what you're doing so he can see the problem, too.

It works great over Internet Connection Sharing, especially if Windows XP is the host. Because it has that Universal Plug and Play Network Address Translation, all the computers on your Home Network can use Remote Assistance to get help or give help. Again, if you're using a third-party NAT, you're going to have to wait for them to come out with the Universal Plug and Play updates for those Network Address Translation or cable DSL boxes for all of that to work correctly.

Go check out Remote Assistance. It's a great new feature of Windows XP, and it's really going to help you help your friends, if you're one of those computer experts who gets called all the time.

Jason: Okay, great. That does answer all the questions we have in the queue. So I want to thank everybody for joining us today. We're going to wrap up our session.

I hope the information was useful to you, and you can always let us know through e-mail. The best way to do that is to send it to feedback@microsoft.com. Just put "Support WebCast" in the subject line, and that feedback will be routed to us.

I review that feedback every day, so it does get submitted to our managers. If you have comments about the interface, about our presenter, the presentation itself, there's topics you want to see covered, all of that is great feedback to send us. We certainly incorporate that into future WebCasts.

We look forward to you joining us again in the near future. Thanks, and we'll see you soon.