Microsoft Support WebCast
Microsoft Windows XP: Troubleshooting Internet Connectivity
December 14, 2001
Note This document is based on the original spoken Support WebCast transcript. It has been edited for clarity.
Jeff Nemecek: Hello. My name is Jeff Nemecek. Our topic today is troubleshooting Internet connectivity in Microsoft® Windows® XP. The tools (slide 2) that we use for Internet connectivity troubleshooting include Device Manager, modem diagnostics, Network Diagnostics, and PING. We'll also discuss a couple of others, but these are the central tools. I'm going to assume some familiarity with Device Manager. If you're not completely familiar with Device Manager or not sure of the interface, there's a good how-to article on troubleshooting devices using Windows XP Device Manager that you'll find on Microsoft Help and Support online (http://support.microsoft.com/). Beyond these four core tools, we'll also see a couple of others. We'll see just one bit of the NetSh tool in Windows XP. It's the NetShell command-line utility. We'll also look at Ipconfig, which is a command-line utility for gathering the TCP/IP information from a machine.
Some of the key components (slide 3) related to troubleshooting Internet connectivity are, in layer of use, the connectivity device, this is the hardware that we're using to connect to the Internet; the network connections, this is the connection method — it could be the cabling and underlying architecture of the network, such as an Ethernet network, or it could be a modem dial-up, so just the dial settings, the phone number, and also the analog protocols that we use to carry the TCP/IP data from the client computer to the Internet access point at the ISP. Next up the chain are TCP/IP and Domain Name System (DNS). TCP/IP is a protocol suite that is the Internet standard. It stands for Transmission Control Protocol/Internet Protocol. That's what carries the data and allows you to open a communication session with a Web server on the Internet, or receive streaming media, much as you are now in this WebCast. DNS provides the name resolution for TCP/IP. Without DNS, we would be left typing IP addresses in Internet Explorer or other Internet applications rather than being able to use a friendly name, such as http://support.microsoft.com/. Above TCP/IP and DNS are the applications that we use on the Internet. These could be Internet Explorer, e-mail clients, or they could include other utility-type applications.
Starting with the connectivity devices, one of the first steps in determining our troubleshooting path is to identify the device type (slide 4). We could be using an analog modem. We could be using a DSL or cable modem, or other connection types. The type of connection determines the troubleshooting.
If we have an analog modem, we need to be concerned about things like the modem installation, telephone numbers, and things like the ISP settings.
For a DSL or cable modem, we'd need to determine whether we can provide a user name and password at the initiation of the connection. This would indicate that we might have a PPP over Ethernet (PPPoE) connection. We might also have particular parameters that are required, such as a proxy server setting. This would be a special server that forwards our requests for Web pages out to the Internet and protects us from external attack, and it also caches Web pages so that when you have hundreds of users behind a proxy server, this server can act as an intermediary agent so that when the second, third, or fourth person attempts to get the same Web page, we don't have to go back out to the Internet, we can just retrieve the page from the proxy server. So a lot of the troubleshooting is determined by the connectivity device in use.
In all of these cases, whether we're using a modem, a DSL modem, a cable modem, or a network adapter, we would want to obtain updated drivers for Windows XP and also check the Hardware Compatibility List (http://www.microsoft.com/hcl/). The Hardware Compatibility List is the list of devices and drivers that have been tested by the Windows Hardware Quality Labs for compatibility with Windows XP. The logo on the Hardware Compatibility List tells you that at the very minimum there has been some basic compatibility testing done when the manufacturer submitted their drivers and hardware to Microsoft, so that we could verify their test results. So when you're choosing hardware for use with Windows XP, before you purchase, the Hardware Compatibility List is a great place to check. That will ensure that you get hardware that is compatible, and you won't have difficulty finding drivers.
Starting with analog modems for connectivity devices (slide 5), we need to ensure that the modem is installed properly. We can do this using Device Manager. Just like any other device, we would want to determine if the device had any errors in Device Manager. Perhaps the driver wasn't loaded properly, or there's a resource conflict on the computer. All of that is very hardware-specific troubleshooting. So I'm leaving that aside.
We're focusing really on establishing the connection and the networking components. So above the actual base driver installation or physical connection, we can test the communication between the computer and the modem using modem diagnostics. You'll find the modem diagnostics interface in the properties for the modem, either from Device Manager or from Control Panel, Phone and Modem Options in Windows XP.
The Diagnostics tab, as you can see on this slide, provides a Query Modem button. The Query Modem button issues a bunch of AT commands. These are Hayes commands, set commands, and are very standard language that the computer speaks with the modem. When we click Query Modem, we should see what's shown here, a series of commands and responses in the window just above the Query Modem button. It doesn't matter, to a large extent, what the specific responses are. If we receive a list of commands and a list of responses, at the very minimum that means that the computer and the modem are communicating. That means that we can probably communicate outside, beyond the modem. If we receive an error message, such as "Could not open port" or "Port in use," it indicates that either the modem isn't installed properly, or perhaps there's another application or driver that has access to the modem currently, and it's preventing us from accessing the device.
For configuration, we'd want to consider things such as the phone number and the dial settings. This would include the area code information that's dialed. In some areas, we may need to dial the area code before the number, ten-digit dialing. In others, we may just need to dial the seven-digit phone number. One of the easiest ways to configure this is in the properties for the connection that we'll see in a moment. We can configure it to not use dialing rules, and that gives you just one field where you can input the number that you want it to dial, exactly as the computer should dial it. So that avoids any potential problems with dialing a one or dialing a code to disable call waiting, and other phone features.
We'd also want to search for errors in the Knowledge Base. Errors in modem connections typically manifest as a numeric ID somewhere between 300 and about 780. Those errors are documented in the online support Knowledge Base, and very often you can find a mapping between the specific error message and what's going on. So for example, there is one numeric error message that indicates that the password or user name is incorrect. So that can clue you in very quickly on just what might be going on. Also, the Help and Support Center in Windows XP can provide some additional assistance with that.
When we talk about a DSL or cable modem (slide 6), the troubleshooting gets quite a bit different, after we look at the driver installation. Unlike an analog modem, a DSL or cable modem doesn't really go through a dialing process. There's no phone number involved. Even though a DSL modem is connected to a phone line, it's using a special section of the bandwidth on the telephone connection to achieve a digital connection to your phone switch at the central office.
One of the first things we'll do in examining a DSL or cable modem issue is determine how the DSL or cable modem is connected to the machine. You'll see primarily three variations in this.
On some computers, you'll see a DSL or a cable modem installed as an internal adapter. So this would work like any other adapter in your computer.
In other situations, you'll see an external device that's connected to the computer through a USB port. Now, a USB port is a similar kind of port that you would connect a Web cam to, or you might see a mouse or keyboard connected via USB. It's a small, rectangular, metal connector.
Another type of connection that you'll see is an external device connected through a network adapter. So in this case, it's an RJ45 plug, a plastic connector with a tab, very similar to an RJ11 phone connection.
So in troubleshooting these different interfaces, the internal or the external USB connection requires that the specific DSL or cable modem in use has a driver for Windows XP. If there's no driver installed, then it will be listed under Other Devices in Device Manager, and that indicates that we just don't have a driver to load for it. A driver will need to be obtained either from the Internet service provider or the manufacturer of the device.
For external devices connected through a network adapter, we're less concerned with a driver or a configuration for the DSL or cable modem as we are for that internal network adapter.
In some cases, network adapters that are provided free of charge by your Internet service providers may not be top-of-the-line network adapters. They might contain chip sets from smaller manufacturers. So in those cases, we'd want to check and see if we have a driver. Again, the Hardware Compatibility List is a good place to check.
Finally, we'd want to determine if the PPPoE protocol is needed. A clue in this would be a user name and password required to connect in a previous operating system, or that you used special software, such as WinPoET, or others, like Enternet 300. There are several third-party PPPoE solutions. Windows XP does provide built-in PPPoE support, but you have to create a connection. So PPPoE is another consideration. If we do have a PPPoE connection, that means that we'll need to create a special connection for that, and we'll see that option in the Network Connections folder.
Now, there are other types of connections (slide 7), like satellite connections. Satellite connections are configured in a similar way as a DSL or cable modem, and they behave like a network adapter. Just like the DSL or cable modem, there could be an internal device. It could be an external device going through a network adapter. In some cases, it's two devices. It might be a modem that you use to upload back to your Internet service provider, and then a network adapter that you use to download. In those cases, there's typically software that binds those two connections together, so that they look like a single network interface. In those cases, the software is very, very important. Having the latest software that's certified for use with Windows XP is very important.
For LAN connections, a local area network connection, you'll typically just have a network adapter. You'll want to check for proxy server settings. In those cases, this could be a home network. Let's say you have four computers at home, and they're connected through a hardware router or a firewall device. In those cases, you wouldn't need a proxy server, but your entire Internet protocol configuration is coming from that router. So if there are problems connecting to the Internet, if the computers behind that firewall or router can connect to each other, but not through to the Internet, we'd want to examine the configuration of that router and possibly reset the router, so that it re-gains its configuration from the Internet and uses default settings.
Finally, the other common connection would be an ISDN connection. This is an Integrated Services Digital Network phone connection. It behaves a lot like a modem, in that you sort of have a dialing process, but it's called an ISDN terminal adapter. There are special configuration requirements for these connections. You'll want to contact your Internet service provider or your phone company to determine exactly what configuration to provide for the connection.
So we've taken a look at the hardware itself and discussed the importance of Device Manager and determining how the device is installed and how it's connected to the computer.
From there, we can look at the Network Connections folder (slide 8). This is where we see the beginnings of the software that we use for the connection. In the slide, you'll see the four primary types of connections that we might use.
There's the broadband connection. This is a PPPoE connection, and in this example, we see that it's disconnected and firewalled.
We also could have a dial-up connection. This is a connection that utilizes a modem.
An Internet gateway connection is what you'll see when you're on a computer that's behind an Internet Connection Sharing computer. So if you have a Windows XP computer that's directly connected to the Internet, and then a home network connected through the Windows XP ICS computer, any of the computers on your home network that connect through that Internet Connection Sharing computer will see an Internet Gateway device in Network Connections. This allows them to connect the Windows XP ICS computer, or disconnect it, or configure ports to connect applications through the ICS host.
Finally, a LAN or high-speed Internet connection. In many cases, you'll see a LAN connection when you use PPPoE or when you use Internet Connection Sharing. Then, you'll also see just a LAN or high-speed Internet connection when you're connected directly to the Internet or to the Internet through a conventional LAN.
The Network Connections folder gives us several options. We can create a new connection. This allows us to create a new dial-up connection, a new PPPoE connection. Also there are advanced connections, like allowing other computers to tunnel in to our computer using Virtual Private Networking. We can set up incoming connections as well. We can also look at the status or the current connection state of any of these connections. We'd want to examine the connection that we use to connect to the Internet, make sure that there's no red X on it. If there's a red X on a local area connection, that indicates that the cable's probably not plugged in. If there's a red X on a network bridge connection or some other device, the cable is plugged in and the network adapter has a green light indicating that we have a good link, then it may just be disabled. We could right-click the connection and choose Enable. Finally, we may see unavailable connections, connections that are not in full color, and in this slide, the PPPoE connection and the dial-up connection are both currently disconnected. That tells us that it's not currently connected to the Internet through either of those means. The other pieces of information that we can pull, I don't know if you will be able to see it, but in the upper right corner of the Broadband and Dial-up connection icons, we have a little lock icon. That indicates that the Internet Connection Firewall feature of Windows XP is enabled for those two connections. So we can gain a lot of information just by looking at the icon and the status information in the tile view in Network Connections.
Looking next at "Connection Properties" (slide 9), we'll first take a look at a local area connection. The properties for the connection show us several pieces of information. It shows us the components in use.
So we can see which protocols and which services are used for this connection. So for this local area connection, we can see that we're using Client for Microsoft Networks. This allows us to access file shares on other computers.
We're using File and Printer Sharing for Microsoft Networks, which allows us to share files to other computers, and the Internet protocol, TCP/IP.
If we were connected directly to the Internet, we didn't have any other computers that we were sharing files with, we could clear Client for Microsoft Networks and File and Printer Sharing for Microsoft Networks here. That would unbind those clients from this connection, and it would give us a greater measure of security. However, if we go to the Advanced tab and we enable Internet Connection Firewall, we probably don't need to worry, because those ports, those types of connections, are blocked.
We can also see the Connect using. This is the device that we're going to use to make a connection. In the case of a dial-up connection, it would show us the modem. In the case of a PPPoE connection, it will show us the actual network adapter that we're connecting through. In the case of a local area connection, we can see the device and the network adapter — in this case, a 3Com Fast Ethernet Controller.
Things that we'd want to look for in the Connection Properties for PPPoE would be the user name and password for the connection. We may want to re-enter the user name and choose not to save the password, so that we can test and enter the password again the next time.
We may also want to create a new connection. It is possible in some cases for the connection, the information related to this connection, to be corrupted in the registry. If information was written back improperly to it, we may fail to connect for no other reason than the fact that the actual connection itself has a problem.
For a dial-up connection, we'd also want to check the user name and password and the phone number and dial settings. As I mentioned before, we have the ability to choose not to apply dialing rules, so that we can just type in the exact number that we want the computer to dial to achieve the connection. We'd also want to test with a new connection. We can use some other tricks with a dial-up connection, such as picking up a regular phone and dialing the connection number that we would dial to connect to the Internet. What this will tell us, if we're dialing properly and if we hear a response from a modem on the other end when we're using the phone, is that there is a modem, there's a bank of modems on the other side, and they're answering properly. We would also want to check for things like phone line features. We've seen cases where voice mail beeps at the beginning when you pick up the phone handset. When the modem picks up and hears those beeps, there may be enough of a delay between those beeps and the time that the dial tone is heard such that the modem doesn't detect a dial tone, and we're unable to connect. So we'd want to find out if there is anything going on, just by examining the phone line and the phone number remote connection, using a conventional telephone handset.
Moving on to TCP/IP and DNS (slide 10), most Internet service providers rely on automatic addressing. If you're using static addressing, you would need to enter information provided by the ISP. In this case, we see that we have both the IP address and the DNS server set to obtain automatically. If we needed to enter a static TCP/IP and DNS address, we'd need all three pieces of information in the top section and at least one piece of information in the bottom section. So in the case of our top section, we would need to configure an IP address. That's the numeric value that your computer uses to identify itself on the Internet. Without an IP address, remote servers have no way of responding to you with information.
The subnet mask is a somewhat less understood configuration component to TCP/IP. The subnet mask tells us what part of our network addressing is local to our network, and which parts we have to go through a router to connect to. So in that case of a home router, we would need to configure a subnet mask such that we can connect to external computers; but for internal computers, we don't try to go through the router.
Finally, the default gateway is that router address. That's the device that we connect through to connect to the rest of the Internet.
The DNS servers will be an IP address that we use when we're trying to connect to a name. So for example, if we go into Internet Explorer and go to the Address bar and type www.microsoft.com, the first step in that connection is going to be for us to send that name resolution request to the DNS server to ask it what IP address should we be connecting to, who owns www.microsoft.com. We receive a reply with an IP address, and that tells us that everything is working.
So in troubleshooting some of those configurations, we'd first want to determine what our current configuration is. So we'd check it using the connection status (slide 11). The status is available by double-clicking the connection icon in Network Connections, when you're connected to the Internet, or by right-clicking and choosing Status. The Support tab under connection status provides information about IP addressing, so is it an automatically assigned address, or is it something that we did statically? It gives us the three main configuration items. If we click Details, we can see the entire IP configuration. The Repair button is pretty useful. That renews our IP address and flushes our DNS information. So if we've previously been communicating with the DNS server, it's basically going to re-register our connection with us.
There's another way that we can check the configuration. We can use a command line (slide 12), ipconfig /all. Ipconfig /all, as you can see here, gives us information about the computer itself. So we retrieve the Host Name, the Primary Dns Suffix (that's the rest of the computer name, so it would be anything past the first dot), the Node Type, which is how we resolve workgroup browsing names (if we were just connecting to other computers in our home network), IP Routing Enabled (that's if we were in an Internet connection sharing situation, we would have IP routing enabled), and then WINS proxies (which is just a way of forwarding name resolution requests to other networks). The Ethernet adapter Local Area Connection is the one connection that I have here, and it shows me the description of the connection, the physical address, which is tied to the network adapter, and then information about the rest of the connection. So this is where we can see the IP address, the subnet mask, the default gateway, and DNS servers, which are the keys to our configuration.
Now, when we have this information, such as a DNS server or a default gateway, there are some troubleshooting steps that we can take that tell us, if there's a failure occurring, where in this connection is the failure happening? Is it happening at the device driver, at the network protocol level, or at the application or name resolution layer?
There's a quick and dirty way of doing that, and that's network diagnostics (slide 13). In the past, there were a lot of command lines that we had to use. We would use the PING command and the Trace Route (Tracert) command, maybe even Nslookup, if we were getting really serious about our troubleshooting. But with Network Diagnostics in Help and Support Tools, we have several automated methods for testing connectivity to key addresses in the configuration.
So it allows us to check for things like pinging our own IP address. Pinging our own IP address tells us if there's a problem with the TCP/IP protocol stack on the local computer, or if there could potentially be a problem with the network adapter driver or possibly the connection that we're making. So if we can ping our own IP address, that's the IP address we saw in the status or from ipconfig /all, it means that TCP/IP is working properly, and in most cases, the network adapter driver is working properly.
The next step is to ping the default gateway. As I said before, the default gateway is the closest router interface to our computer. So if we can ping our default gateway, it not only means that we're communicating with TCP/IP and our network adapter, but it means that our network adapter is communicating with another host, another device, outside our house, hopefully.
So if the default gateway allows us to ping, then we would ping the DNS server. The DNS server, as we discussed, provides name resolution. So if we can't communicate with the DNS server, it's going to give us a problem connecting to friendly names in Internet Explorer.
Finally, we can also ping our mail server.
So Network Diagnostics automates all of these testing procedures and provides us with a very quick layout that we can use if we look at the actual graphic for network diagnostics.
Moving ahead to the Network Diagnostics graphic (slide 15), you'll see that we have two main options, Scan your system and Set scanning options. We have the ability to save this as a log file. So when you go into Help and Support in Windows XP, you have the ability to access tools to test your configuration. So when you click the Tools link, Network Diagnostics is one of the options, and it's going to perform a whole grab bag of testing.
It's going to do things like attempt to connect to the mail server that we have configured for Microsoft Outlook® Express. It's not only going to just test a ping to that mail server that tests basic connectivity, but it also tries to achieve a connection at the ports. That's sort of the sub-address in TCP/IP, it's the specific application-to-application address between two computers. So it's going to test a connection to the ports that mail servers commonly use. POP3 uses port 110, so we're going to test a connection to port 110 on that address. In the case that's shown here, we have a FAILED, and that was because this wasn't a real mail server. We just typed in mailserver in Outlook Express, so this tells us that there may be a problem with the name that we used. We'll also check Outlook Express News configuration, and if you have a proxy server configured in Internet Explorer, we'll try to ping that proxy server and test a connection on the port that you use to connect through it to the Internet. Next is some computer information, operating system information, and the version number for your operating system.
All of these are expandable. There's a great deal more granular information. Then down below, we have information on the modems installed and the network adapters. When we look at the network adapter here, it shows FAILED, but we can drill down on some of the details of the failures. So the Network Diagnostics details, which can be saved to a log file, give us additional information specifically about what failed.
We can drill down on failures (slide 16). We can use information to determine the steps for troubleshooting. As we'll see on the next slide, we can look at the DNS configuration.
When we drill down in Help and Support, as we can see in the image (slide 17), we can see that the DNSServerSearchOrder is what failed. So in this case, we can see other items that passed above. So we see that DefaultIPGateway passed, DHCPServer passed, but DNSServerSearchOrder failed. In this case, it's because the addresses are wrong. I have two DNS servers. We attempted to ping those servers. PING just sends out a request that says, "Hey, are you there? Send me an echo back." If the server replies with echoes, it means that we're in a working configuration.
We can also do some manual testing (slide 18). So if Network Diagnostics doesn't give us the type of information we're looking for, or we're testing communication between two specific machines, we can also ping IP addresses manually. So we would open up a command prompt with Start, Run, CMD. Then, we could type in ping, a space, and then an IP address or a friendly name for a Web site.
For example, we could ping www.yahoo.com. That will tell us two things. If we get good replies when we ping the name yahoo.com, that means not only are we achieving a connection to that server's IP address, but we're communicating with our DNS server, so that we can actually resolve the name yahoo.com to an IP address, and that's how we ping. So if we fail to ping yahoo.com, I would be thinking, "Let's try to ping the IP address for yahoo.com." So we'd go to a working computer and ping it there. It would show us what IP address represents that computer, and we would then ping that IP address. If we can ping by IP address but not by name, that indicates a problem with our DNS server or our DNS configuration. That's exactly what I would expect to happen, given the configuration that we saw previously, where we failed with our DNSServerSearchOrder.
So the two possible returns from a PING are shown in this example. We might get replies. Even one reply means that we're getting some data back and forth with the machine. A poor response would be "Request timed out. Request timed out. Request timed out. Request timed out." So this command-line option will show you pretty much the same results as Network Diagnostics in the Help and Support Center, but it doesn't limit us to just the particular configurations and servers that are tested in that user interface.
Now, let's say that we have more low-level errors in TCP/IP (slide 19). Let's say that when we run PING, we get an error message, or when we run Ipconfig, we get an error message, or we just can't ping anything. We can't even ping our own IP address. Our network adapter looks okay. We checked our connectivity device in Device Manager, and everything looks good.
Well, Windows XP no longer has the ability to uninstall and reinstall the TCP/IP stack. It's such a core component and there are so many things that are required with Windows XP for TCP/IP, that the ability to uninstall it and reinstall it has been removed. So the recourse, if something has damaged the TCP/IP stack, would be to reset TCP/IP using the command shown here. It's netsh and then a space, int (which is short for interface), a space, ip, space, reset, space c:\resetlog.txt (netsh int ip reset c:\resetlog.txt). This is going to create a file called Resetlog.txt that shows us everything that netsh did to reset the TCP/IP stack. So it can recover from improperly configured TCP/IP protocol settings.
A good example of this might be using a third-party tweak utility to get the best performance out of the TCP/IP stack. You might change some low-level settings, such as TCP window size or the maximum transmission unit (MTU). In those cases, there is no easy way to get back to the default without manually editing the registry. So Windows XP provides this utility that allows you to get back that default TCP/IP configuration. So it's a great recovery tool, and it's used quite a bit to troubleshoot TCP/IP when everything looks okay in Device Manager, but we just can't run any TCP/IP-related commands or we can't ping servers on the Internet.
Now, applications that use TCP/IP (slide 20) can include Internet Explorer, e-mail, and also firewall products that are designed to protect you from threats on the Internet. Firewall products give us some special considerations, so we'll discuss those in particular detail.
Starting with Internet Explorer (slide 21), the main symptom that you might encounter when you have a problem with TCP/IP is, "The page cannot be displayed." I'm sure that you've seen this message in Internet Explorer in the past, "The page cannot be displayed" error.
Well, there's usually a detailed message at the bottom of this page. So when you encounter a "The page cannot be displayed" error, rather than just looking and troubleshooting it as a general "The page cannot be displayed" problem, scroll to the bottom. In many cases, you'll find the message that's shown here, "Cannot find server or DNS error." What that tells us is that the server name that we entered is formatted improperly, the server doesn't exist, or we're not able to resolve the name to an IP address. So that's why it says DNS error. Either we can't locate the server that you mentioned, but our DNS server responded back, or we didn't even get a response from the DNS server.
In this case, we would want to check the settings. We could use Network Diagnostics to verify that we can communicate with our server, and we might even want to try to ping the Web site that we're connecting to. Although, there is a consideration with that. There are many Web servers out there that do not respond to a ping. In this case, we were connecting to msn.com, and if you ping msn.com, it won't respond. It's a security feature of some Web servers.
So we'd want to check proxy settings. If we're behind a proxy, we would want to make sure that we have the correct settings in the Tools menu, under Internet Options, and then on the Connections tab.
We might also want to log on to the Windows XP computer with another user account and test there. So if everything else seems to be working properly, but Internet Explorer or any other networking application is failing, that's a quick way of determining whether the problem is isolated to one user account, or if it's specific to the machine in general. So if you can create a new user and the problem does not occur, that tells you where to start troubleshooting. It's either something in the user configuration in Internet Explorer itself, or something in the user's registry.
E-mail applications (slide 22) are a little bit more varied in their troubleshooting because of the configuration differences. You'd want to test first and make sure that other applications can connect to the Internet. So I'm never going to start my network troubleshooting, for example, with Outlook Express. If someone's having difficulty downloading mail, the first thing I'm going to do is try to connect to known, good Web sites using Internet Explorer. That's going to simplify the troubleshooting, because Internet Explorer's probably going to give me more helpful information about the type of failure. If we verify that we can connect using another application, but not our e-mail client, we'll check our server settings.
We either want to verify connectivity to the server using Network Diagnostics, if we're using Outlook Express, in which case, as we saw before, it will attempt connections to well-known e-mail application ports, or we could just ping our mail server directly. So we'll get the server name that we used to configure our mail client, and we'll go to a command prompt and type in ping, space, and then the name of the server. If we don't get good replies, so if it says "Request time out" or "Cannot find host," then that tells us that either there's a connectivity blockage somewhere between us and that server, the server may be offline, or we're just not resolving the name to an IP address. In the final case, the last case, just a name resolution thing, we could always ping it from a different computer that's working, get the IP address, and then configure the e-mail client to use the IP address rather than the name. So those are all steps that we can take to troubleshoot the e-mail application itself.
Now, firewall products (slide 23) provide some special considerations. Windows XP does include a software firewall product called Internet Connection Firewall. When troubleshooting Internet connectivity, we're going to turn off Internet Connection Firewall. It's on the Advanced tab in the connection properties. That's going to give us a little bit more simple configuration.
We would do the same with third-party firewall software. Although because there's less certainty of when the driver for that firewall product loads or unloads, to be perfectly safe and get the cleanest possible configuration, I'll typically uninstall that firewall package, whatever package it may be. It could be BlackICE, ZoneAlarm, Norton Internet Security, Tiny Personal Firewall, any of those products or the many others that exist. I'll typically uninstall that product, reboot the computer, and then we'll troubleshoot the connection. That's going to make sure that we're in a known state, so that when we get a particular error message or we get particular results, we know exactly what we can do next to troubleshoot.
After connectivity has been restored, after the computer is talking to the Internet, at that point we can reinstall and then enable the firewall software, be it the Internet Connection Firewall in Windows XP or the third-party firewall product, because again, then we're in a known state. We know we have a working Internet connection. So if perhaps there's some compatibility issue between the firewall package and reinstalling it causes a failure again, we'll at least know where to track it down. But in most cases, that's not what we're seeing. We're seeing cases where either the firewall is misconfigured, or it's just some other issue going on — a DNS configuration issue, or a basic connectivity issue, or drivers for the cable modem or network adapter.
So that pretty much covers the basics of Internet connection troubleshooting in Windows XP. For troubleshooting resources, you can use Help and Support in Windows XP and also Product Support Services at http://support.microsoft.com/, either to do a search for a Knowledge Base article or to submit a question for an online one-on-one support incident, or you can obtain the phone numbers for Product Support Services from that site.
So at this time, Jason, I think we're ready for some questions and answers.
Jason Bennet: Okay. Thank you for the presentation, Jeff.
Just a couple of quick notes before we move on to the Q&A portion: to access information on all upcoming Support WebCasts and the archived content from all past WebCasts, an easy-to-remember URL is http://support.microsoft.com/webcasts/.
The Q&A portion of the Support WebCast is intended to encourage further discussion of the Support WebCast topic. One-on-one product support issues are outside the scope of these Support WebCasts. So if you need technical assistance, please submit an incident on the Web, or call Microsoft Product Support Services and speak to a Support Professional.
Our first question: Recently, many @Home cable subscribers were switched to AT&T BI, and many Windows XP users have experienced problems related to DNS. It appears to be a problem with the AT&T DNS servers. How would a user diagnose this particular type of DNS problem, and why does disabling the DNS client service seem to be the best solution?
Jeff: Yes, in that case, the infrastructure being used changed, and in this particular case, AT&T went to a four DNS server configuration. So they were using two, and in some regions they still are using two DNS servers for external name resolution, and then two DNS servers for name resolution for servers in their infrastructure — things like e-mail servers, newsgroup servers, and the like. In those configurations, we typically didn't see any problems with the computer directly connected to AT&T Broadband. The issues happened when there was a Windows XP computer sharing the Internet connection, or a computer using ICS, and then the computers behind the ICS host were unable to resolve names. So they had intermittent connectivity issues.
Typically, what we would do to troubleshoot that would be attempt to ping friendly names from the ICS client computers. If they're unable to resolve the name to an IP, then it tells us that there is some sort of DNS configuration issue. When we found the four-server configuration, that was a little bit suspicious. So in many cases, one of the things we can do to diagnose that is use a public DNS server. So there are several top-level public DNS servers available that you can configure for use on your client, and that gets any ISP-specific configuration out of the way. So we would test in that configuration, and if that worked, then that would help us diagnose what was going on.
In these cases, typically what we've been doing, instead of disabling the DNS client services, we've been getting the IP address and host names for the e-mail servers and news servers in use on the AT&T infrastructure and creating a hosts file for all of the computers on the home network, and then statically configuring the ICS host for the first two DNS server addresses. So they were actually getting two DNS servers, a primary and a secondary, and then two DNS servers that started with 12. It was 12.something.something.something. So we just pulled those two out of the configuration, because it seemed like what was happening was that when the ICS client requested name resolution, it was just getting the first response back and treating that as the absolute response. Those 12. servers were the ones that were replying. So that seemed to have resolved the issues, at least as a temporary measure, but the latest word I had was that AT&T was working on resolving this from an infrastructure side. So I suspect that this will be a very temporary issue.
Jason: The next question: PPPoE causes problems for Windows XP ICS clients. Q159211 describes how to diagnose black hole routers, but Q259783 has been withdrawn. How should a user diagnose MTU problems when using Windows XP ICS with PPPoE?
Jeff: Typically, these MTU issues are treated just like any kind of communication. For somebody who's not familiar with a black hole router and a PPPoE MTU issue, essentially what happens is that when a computer on the Internet sends a request and they're formatting their data packets, their chunks of data, on the Internet with a size that's larger than a particular router that they're going through will permit, that router may just drop those packets. So what we've seen, the classic symptom of this, is that they connect out, and you just never see anything coming back. Or they connect out, and they get an initial response from a Web server, but then no data following it up.
The specific question, with regard to troubleshooting: Q259783 is the correct troubleshooting. I think it's just a matter that this article just applies to Windows 2000 Professional. It isn't currently listed to apply to Windows XP, although it does, from a technical level. I think that the steps to configure the MTU and some of the considerations on Windows XP are different. My suspicion is that we're working on a Windows XP-specific article that gives you just those steps.
Essentially, because PPPoE adds overhead to the network connection, when an ICS client computer is on a network and the ICS host for that network uses PPPoE, if the ICS client computer uses a full-size Ethernet packet, so a full MTU, TCP/IP packet, after the PPPoE overhead gets added at the ICS host computer, it may be too large to be transmitted through some routers. That's where we'll see the black hole router symptoms.
Typically, depending on the symptom, we'll start using the steps in the article, "The PPPoE With ICS Requires MTU Setting Below 1492," that's Q259783 (http://support.microsoft.com/support/misc/kblookup.asp?id=Q259783). We'll use that, and we'll ping the default gateway. If the default gateway works properly, then we'll typically use Tracert. If there are just one or two Web servers that are a problem, we'll perform a Trace Route, which essentially tests a connection and gives you information and statistics on each router interface that we go through on the way to that server. So we'll do a Trace Route and find the last router that we connect through to get to that Web server. Then, we'll do the same PING tests to that router, and that can give us some information. Essentially, we just send a large PING frame. If that fails, we just make progressively smaller frames until we succeed, and that tells us exactly what MTU size we need to use.
So it's an increasingly common issue now, that we're seeing more PPPoE Internet service providers, and we're also seeing more home networks using Internet Connection Sharing. So we may see this increase, although I wouldn't be too surprised to see some feature that allows us to discover that we're using PPPoE on the external connection, so that the clients can change their configuration accordingly.
Jason: How does a PPPoE user get Windows XP to autoconnect to PPPoE?
Jeff: There is an option in Internet Explorer, Properties on the Connections tab to Dial whenever a network connection is not present. That, in combination with the saved password for your PPPoE connection, will enable you to connect automatically. You just want to make sure that the PPPoE connection icon is the default.
That's another new feature of the Network Connections folder in Windows XP. There's actually a small, black checkmark that gets added to the default connection. So you can set that configuration directly from the Network Connections folder.
Jason: The next question is: I'd like to use wireless 802.11, but I'm worried about wireless security. Does Windows XP include anything to help secure wireless networks? I've heard that WEP is too easily cracked. So I want something more than standard WEP. Can Windows XP help, and how could I check my wireless network against intrusion?
Jeff: Okay, and that is a fairly common concern now. 802.11 wireless, the most popular standard of which in use right now is 802.11B, is by default not a secured network connection. For example, if you've ever looked at a network trace of someone connecting to a Web page, all of the information from that Web page is viewable, if you just capture the data that's going out on the network. So the concern with 802.11 wireless is that someone nearby could actually capture that same traffic. Obviously, they'd have to be within range of the access point or one of the terminals on the network.
So one of the solutions to that problem is WEP or Wireless Equivalent Protocol. WEP has several security levels. There's 64-bit WEP and 128-bit WEP, I think everything from 40-bit through 128-bit. There are some concerns that it is crackable.
So there are other authentication methods usually relying on Remote Authentication Dial-In User Service (RADIUS) authentication of some sort. The standard supported in Windows XP is known as 802.1x, and you'll see that on the Authentication tab in the properties for a connection. To use 802.1x, you have to have a server set up that can do things like certificate exchange to check the certificate on the client, either for the user or machine configuration or both, and then use what's basically public key encryption technology to encrypt the data that's moving on the network.
So there are ways that you can do it, although currently, they require a server infrastructure to implement. If you're just using a home network or a small business network, then currently a 128-bit WEP with a wireless access point is about the best option.
To put it into perspective, somebody has to have a good deal of equipment, and they need to be within range of your wireless infrastructure to connect. So one of the ways that you can assess your network and its ability to protect the data might be to install that access point, keeping in mind to keep the access point away from external walls and windows, just to limit the propagation of the wireless signals outside the building, and then walk around outside the building using a signal meter. There's a very, very rudimentary signal meter in the status for a wireless connection in Windows XP. See how far away you can move and still get a connection. If that distance is of concern to you, and particularly if you're moving sensitive data, I would recommend looking into a more robust security mechanism.
There is a Knowledge Base article on 802.11 wireless networking with Windows XP security. So I'd recommend checking http://support.microsoft.com/ for that article. It's relatively new, and it provides general guidelines, but that can be of some help. One other location that you can go for additional information would be the Web site http://www.wi-fi.org, and that is the organization that disseminates information about 802.11 networking and interoperability of different devices. They do have some good information about wireless security there.
Jason: Should a home or small business user, that is peer-to-peer, disable or uninstall the Quality of Service Scheduler or leave it enabled? Does this have any impact on bandwidth?
Jeff: That's a great question. There were some rumors that the QoS Scheduler reserved some portion of your bandwidth automatically. For people who aren't familiar, QoS is Quality of Service, and it's typically used on connection-oriented media like an ATM network. That enables a process or the operating system to reserve a certain percentage of the total bandwidth for a particular application or a particular service. So in a business environment, if you had the server infrastructure to implement QoS and you were on a connection-oriented media, you could reserve let's say 25 percent of your bandwidth for a particular mission-critical, real-time, database application. So that even if you had everyone in the company streaming audio over your corporate infrastructure, it wouldn't impact the usability of this key application.
Having the QoS Scheduler installed will give you a very small memory footprint, just like having any service or any component would, but there's no impact on the network bandwidth if you're not using QoS in your infrastructure. So you can leave it installed and enabled. You can uncheck it to unbind it from the connection, or you can highlight and uninstall it. If you're not using QoS in your infrastructure, it's pretty much all the same either way. So uninstall it if you feel comfortable with that, but there's no hit on network bandwidth.
Jason: The next question starts heading into one-on-one product support issues, and I'll just use it as an example of a reminder. We don't generally take one-on-one product support troubleshooting, only because it would really take too long to sit down and troubleshoot everyone's configuration. These WebCasts are typically just for discussion of the topic. That said, our topic is "troubleshooting Internet connectivity," so if I get a product support question, I'm going to phrase it in the manner of, "What are some basic ways to troubleshoot these issues?" That way, you can at least get an idea of the method.
So let's ask the next question: We have a new Windows XP Professional laptop connected to a LAN with a Small Business Server 2000. I can see the server and browse the Internet without any problems. When we try to get the Windows XP updates, the update wizard hangs when it starts downloading the updates. What can you suggest as a way of troubleshooting this, Jeff?
Jeff: Okay, and that does bring up a category of question that we definitely do get in support. There could be several things going on. It could be that the specific processes used to run that wizard are having difficulty. We may be having difficulty connecting to the actual download URL. So it may be some sort of a connectivity issue beyond just browsing the Web page. It could be caused by a service, driver, or application that's running on the computer.
Typically, I'll approach it by using Msconfig, which if you've ever supported or done any troubleshooting with Windows 98 or Windows Millennium Edition, will be a familiar concept to you. It's the system configuration utility. What it allows you to do is simplify the configuration of a computer, simplify the software configuration.
So if you use a selective startup option and cancel the selection of the different startup items in Msconfig, that will prevent all of the unneeded services or the services that provide special features on Windows XP, or third-party services, from starting. It will prevent your startup applications from loading on boot, and any 16-bit application configuration through System.ini or Win.ini will not be loaded on that next startup. In that configuration, you can feel fairly certain that there's no third-party software or extra add-on software that's been loaded that could be preventing our connectivity.
Another one of the things that I'll do very frequently to test configurations like this would be to connect that computer directly to the Internet and see if it can download the updates or if it sees the same behavior. If it sees the same behavior when connected directly, then we know that it's something either specific to the machine or specific to the Internet connection. We'd also want to test another computer and see if another similarly configured computer experiences this same behavior.
So essentially, just simplify the configuration as much as possible in software and in hardware, by using Device Manager or by removing unnecessary external devices, and see if you can duplicate the behavior. If you can make the behavior go away with these standard troubleshooting techniques, then you can just gradually start adding items back to the configuration until you've narrowed down exactly what might be causing it.
Jason: What would you say are the chief differences between how Windows 2000 and Windows XP handle Internet connections?
Jeff: Well, I'd say that the biggest differences are probably feature additions in Windows XP. The underlying protocols and the components that are used to communicate are pretty much the same. There have been some updates, and there have been some feature additions, but at its root level, there's only so much you can change TCP/IP and still communicate on the Internet.
So some of the differences in feature sets that I have in mind are things like the Internet Connection Firewall. That gives you just a single check box ability to give your computer some protection against external attack. That's a nice new feature. Other features, such as PPP over Ethernet support built into the operating system makes configuration and setup quite a bit easier. As far as the underlying handling of those connections, they're pretty much the same. There's not as much difference.
Now, there is quite a bit of difference in the architecture between Windows Millennium Edition and Windows XP, because Windows XP was built on that Windows 2000 framework. So it was updated, certainly new features and additions, but you should expect the same stability and the same basic functionality on Windows XP as you've seen on Windows 2000, to date.
Jason: Okay, that kind of leads into another question. I have a user wondering about options for earlier versions of Windows 2000 and Windows NT 4.0. Are there any kind of parallels between what you had as far as net diagnostics that you mentioned on the slides? Is there anything comparable for Windows 2000 and Windows NT 4.0? Is there anything out there on the Web that you've seen?
Jeff: There is a command-line version of Network Diagnostics that performs some similar steps, but it's more oriented to a server environment, and it is Netdiag.exe. You could search in http://support.microsoft.com/ for Netdiag.exe, and that is available for Windows 2000. So that gives you a lot of output logs, like logs for gathering information from the computer, analogous to the types of troubleshooting in Network Diagnostics. The actual graphical interface of Network Diagnostics was updated and adopted from what was included in Windows Millennium Edition. Windows Millennium Edition had the first graphical network diagnostics, and it was updated here, but it relies on some fairly low-level Windows Management Instrumentation interfaces and the infrastructure provided by the Help and Support Center. So it can't be easily pulled out of Windows XP and applied to another operating system. In fact, it looks like there's a related question on starting the Network Diagnostics directly.
Jason: Right, I was going to ask: Is there a command line for Netdiag in Windows XP?
Jeff: There is. There's a way, using the NetShell command, netsh, that you can start network diagnostics. It launches the graphical user interface. The full command is netsh, then a space, diag, then a space, gui. So those three words, with spaces in between on a command line, will open up the full network diagnostics interface on Windows XP.
Jason: When using the command netsh int ip reset c:\resetlog.txt, is the IP subnet gateway address information cleared, or are they retained?
Jeff: That's a good question. Static configuration is maintained. It's not mainly the user configurable settings that are modified. It focuses mainly on the lower-level configuration for the protocol stack.
Jason: Does Remote Desktop Connection or Remote Assistance work through a corporate firewall?
Jeff: Well, yes and no. With Remote Desktop, which is available on Windows XP Professional, and which enables someone to connect to the console of the computer remotely — so it's as if they were sitting at the machine, very similar to Terminal Services — you cannot connect through a typical Web proxy if the client for Remote Desktop is behind the firewall or proxy, and the remote machine that you're connecting to is outside, unless you have proxy client software, sort of like the Microsoft Internet Security and Acceleration Server client. If you're behind a NAT-style firewall, so if you're behind like a home Internet gateway device, like a Linksys router, SMC barricade router, or a NetGear device to provide network security and home networking multiple access to the Internet, you can connect from inside your home network to a computer out on the Internet.
The problems come in more dramatically when your remote desktop computer is behind a firewall or proxy computer. If it's behind a firewall, you would have to open the port that remote desktop uses, which is port 3389. In the case of a Network Address Translation firewall, like those home gateway devices or home routers, not only do you have to open the port, but you have to map that port back to one computer on your home network.
So I have that set up at home. So I have a home router that I connect through, and I have that port mapped back to one computer on my home network. So I can't connect to just any computer back there, only one. And it would be a similar configuration for a proxy or a corporate firewall. You could open the port and just allow free access through that port from outside in — not a very common scenario, it's not something that most network administrators are going to permit — or in some cases, you could just map that port back to one machine. But in the case of a proxy, there's no direct way of connecting from the outside in. So the answer is yes, you can connect out, but it's more difficult to connect back through.
Jason: When our laptops use CDPD wireless cards, they can access the Internet using Windows XP Professional, but it states in the Taskbar that the connection is unavailable. What does this mean?
Jeff: I suspect that it's related to the drivers or software installed for that CDPD card. I know that there are several CDPD wireless LAN adapters out there, and several of the manufacturers are still working on sort of a released Windows XP driver. So you may want to stay tuned for news from the manufacturer. We've seen some similar results with wireless LAN adapters, like 802.11 adapters. With some adapters, you'll have a connection for several minutes, and then it will drop the connection, and you'll see "wireless network unavailable" when you look at the icon in the notification area. So stay tuned, contact the manufacturer, and check for updated drivers. If that information is being provided by the connection utility that's provided for Windows 2000, then that could possibly explain what's going on, if you had a Windows XP version driver. But I have seen that in a couple of cases, and in the cases that I saw, it was related to a driver that just needed an update.
Jason: Okay, next question: We often have a problem with Windows 2000 and/or Windows XP setup not finding the local domain within the university LAN. We have normally had to change the workgroup to "junk," reboot, then change to the domain and reboot. Any suggestions on this?
Jeff: It sounds almost like a computer domain account issue, and it's pretty well out of the scope of what we're discussing here. I'd hate to make any recommendations. The best thing that I could recommend would be to contact Microsoft Product Support Services (http://support.microsoft.com/). We have some great pros who specialize in domain support, and they could probably help you track down that problem pretty quickly. But anything I said would probably only make matters worse for you. So I'll keep my head out of that one.
Jason: Can you comment on the Windows XP wireless LAN features? Do you have any more information on that?
Jeff: Certainly. The wireless LAN support that we have is mainly for three different chip sets, currently. Those are the inbox drivers that are supported. And consult the Hardware Compatibility List first, if you're still shopping for a wireless LAN adapter. If you have a wireless LAN adapter now, then essentially you use the same troubleshooting techniques that you would for a local area connection.
The only additions that we have are the support for wireless zero configuration and also the connection strength. So if you look in the adapter status, there's actually a signal strength meter, which eliminates the need to install third-party utilities for that.
Also, we have the Wireless Network tab in the properties for the connection. This Wireless Network tab allows you to do several things. You can view a list of visible networks, so that's any network that you can currently see from your wireless adapter. You can select one, and then click Configure. That will give you the ability to enter the configuration entries for a wireless network, things such as the SSID, that's the Service Set Identifier that is the name of the network that's in use; also, there's whether or not you're using the Wireless Equivalent Protocol (WEP) that we discussed earlier; and what kind of authentication. If you're using WEP, you can enter a key there. And also there's whether you're doing what's called ad hoc networking or infrastructure mode networking. Ad hoc would just be two computers with a wireless card. Infrastructure networking uses what's called an access point, which is a wireless device that typically connects you to a wired network. So we have the ability to add that configuration.
So if you have to click a button called Configure and enter those things, you might be wondering, "Well, why is it called wireless zero configuration?" The advantage to the configuration in Windows XP is that you can add that configuration for several wireless networks. So for example, my parents' house has a wireless network. I have a wireless network at home. They use WEP. I use WEP, but I use a different key. So if I had another software package, or if I was using Windows 2000 or Windows 98, and I had software for my wireless card installed, in some cases I'd have to go into the utility and reconfigure my settings to switch between networks. With Windows XP, after I enter that information the first time, whenever the wireless adapter sees a new visible network, it tries to determine if it already has configuration for that network. If it does, it just starts communicating. So you can seamlessly move between networks.
The only challenge that we've seen in some cases is compatibility between the wireless zero configuration service and some Windows 2000 drivers for wireless adapters. So if you're waiting for an updated Windows XP driver for your wireless adapter, there are several things you can do, and they're outlined in a Knowledge Base article. If you go to http://support.microsoft.com/ and search for "troubleshooting wireless" in the Windows XP product area, you'll find this article. It gives you a good list of troubleshooting steps to determine whether you have a driver that's fully compatible with wireless zero configuration service, and if you don't, what steps can you take to get basic connectivity working while you wait for that driver. So with that article, you'll be able to go through some basic configuration steps. In most cases, that will get you connected. It will get you talking to your access point or to other machines so that you at least have basic connectivity.
Jason: What's the role of the SOCKS proxy with Windows XP?
Jeff: Well, SOCKS proxy is an application-style proxy that is distinct from what's more commonly called HTTP or a Web proxy. There is some SOCKS proxy support for different applications in Windows XP. So for example, in Windows Messenger, there is, in Tools, Options, a configuration {selection to use} proxy, and you can select a SOCKS 4 or SOCKS 5 proxy there. Beyond that basic support, there's nothing really built into Windows XP to utilize a SOCKS proxy, but it can in the same way that Windows 2000 has in the past.
Jason: This is a question that looks like it's about a third-party driver, but I'll pass it on: Why does the RASPPPoE driver from Robert Schlabbach seem to solve ICS problems in Windows XP? Wouldn't this indicate that Windows XP ICS still has MTU discovery problems like Windows 2000 ICS? Are you aware of anything about this?
Jeff: I'm actually not familiar with this particular driver. I'd be curious to know if the problems encountered with the in-box Windows XP PPPoE driver were confirmed to be MTU discovery issues. So I wouldn't mind hearing further information on that and following up offline, if the questioner would like.
Jason: Can you tell me about bridging that is installed when you have two NICs installed? I have a laptop with an integrated NIC, and it gets docked in a docking station when it's in the office.
Jeff: Bridging is a pretty cool, new ability in Windows XP. If you're familiar with networking infrastructure, you'll know that a bridge is a connectivity device that segments between networks. It doesn't have the same level of intelligence, or it doesn't work at the same layer in the network stack as a router. A router actually moves data based on the TCP/IP address, whereas a bridge is more concerned with the hardware address in use.
We do have a software bridge in Windows XP, and it was mostly intended for the type of configuration where you have a computer sharing a connection. So it's running Internet Connection Sharing. It has one adapter that connects externally. Then, let's say that you have several computers or one computer that's wired to that computer, so you have a regular Ethernet network. Then, you also have a couple of computers using wireless networking, and so you have a wireless adapter in the Windows XP computer. What bridging allows you to do is connect that internal home-side wired and wireless adapter together so that together, they get a single IP address. They'll seamlessly move data back and forth between the wired and wireless networks based on the hardware addresses of the machines. So that allows you to easily create a multiple medium home network between wired and wireless or to bridge something like an IEEE 1394, a FireWire connection, with a regular Ethernet connection, and that will all use one IP address.
So in the example that you've given, you have two network adapters installed. It probably has an integrated NIC in the bridge and a NIC in the docking station. So you could bridge those two together. Then, at that point, the network bridge, which is a software entry in the Network Connections folder, is what obtains the IP address. It ties the two underlying adapters together. So when you run Ipconfig, the bridge is what's going to have an IP that's going to look more like a network adapter. Whereas we're really only using the drivers for the two underlying network adapters, and the bridge is moving the data back and forth. So it is a new feature, mainly intended to tie several types of networks together in a home network so that it looks like one contiguous network.
It's an improvement over what came in Windows Me. Windows Millennium Edition could support two home-side networks with an Internet Connection Sharing configuration, but it used routing between those two networks. So you had two separate IP network ranges. Whereas with Windows XP, they're all on the same contiguous TCP/IP network range, and they can see each other seamlessly. So there's no overhead with routing associated with it. It's just a simple bridge.
Jason: Okay. Can you explain the Icslog.txt file and/or why I don't have one on my ICS host? Do I need to start this log somewhere?
Jeff: The Icslog.txt was a file that was used in Windows 98 and Windows Millennium Edition to log events that occurred with Internet Connection Sharing. The same sort of logging doesn't happen in Windows XP. It doesn't write to that same log file. You'd want to look in the system log for events that are recorded by Internet Connection Sharing. The underlying component that you may see reporting events there is Ipnathlp. That's the driver that provides Internet Connection Sharing in Windows XP. So in some cases, we have changed the type of logging that occurs, because we're building on the Windows 2000 platforms. So you won't see that same result there, but you should expect to see some events in the system event log, when problem events occur with ICS.
Jason: Do you know if Linksys will be approved for wireless Windows XP connectivity? I realize it's not yet on the HCL. Do you have any information about that, Jeff?
Jeff: I don't have any specific information on that. If my memory serves me correctly, the Linksys wireless adapter is built on the Intersil chip set. My understanding is that there is some driver code out there that's been written for Windows XP. I would expect to see a Windows XP driver from Linksys shortly. I have seen working configurations where customers have installed a Windows 2000 driver along with the Windows 2000 utilities for the Linksys adapter, and that's worked successfully. So that might be one thing you could consider as an interim solution. But my understanding is that Linksys is working very hard on those drivers, and I would expect that they'd be available shortly.
Jason: The last question I have in the queue is: Is it better for security to use the MAC addresses?
Jeff: Okay, that's probably going back to the wireless question. There are several ways that you can secure the network. I hope I understand the question correctly. If the questioner is still on, maybe you could add a little bit of clarification, but I'll answer to the extent that I understand the question.
Some wireless access points allow you to limit networking to particular MAC addresses. The MAC address is the media access control layer address. That's the physical address of the network adapter. So if you have a limited infrastructure and you have a limited number of wireless network adapters, you could just pull these physical addresses off of each adapter. Some access points will allow you to limit the network so that any other network adapter that's not listed in your configuration doesn't have wireless access. That gives you a measure of security, but it still doesn't provide encryption. So that's more of an authentication solution. It ensures that only your hardware is connecting, but someone with some sort of a wireless sniffer or wireless capture device who's just listening doesn't need any kind of authentication. So it is still possible to pull down traffic from that connection.
You could also use the MAC address as the key for the Wireless Equivalent Protocol. That's another possibility as well. There are several choices that you can make on how to determine what you're going to use for your Wireless Equivalent Protocol key, but in general, you want as long a key as your hardware supports to give you the most security possible. Like I said, if you have very sensitive data that's moving around, and you have a server infrastructure, you may want to investigate 802.1x authentication.
Jason: Okay. Well, with that, we have answered all the questions in the queue. So I think we're going to wrap up our session. I want to thank everybody for joining us.
I do want to take a moment just to solicit some feedback from our audience. We are very interested in what you have to say about our program, what you thought about today's presentation, the presenter, the overall quality, the sound, or what you thought about the interface, any of that's fair game. If you have suggestions for some future topics you'd like to see covered along these lines, we'd definitely be interested, and we definitely incorporate that feedback into preparing this program. The e-mail address {for feedback} is feedback@microsoft.com. Just include "Support WebCasts" in the subject line, and that way, it will be routed to my Inbox. So you have access to the people here, and we hope to hear from you.
We hope you join us again in the near future. Thank you and good-bye.