Re: Event ID 1054 and ip filter
From: Charles Elliott (elliott.ct_at_verizon.net)
Date: Thu, 1 Apr 2004 13:16:13 -0500
Thanks for the information on how you solved the problem, but you raise
another question: Are you using the firewall built-in to the Windows
product you are using? The reason I ask is because the "Internet Connection
Firewall" that comes with Server 2003 does not seem to accept any notation
for "From Any Port," to use your terms. I had to stop using it because a
request for DNS or any service can come from any port on a computer on the
LAN. I wound up using the firewall built-in to my router.
"Molly King" <email@example.com> wrote in message
> Thanks for the sugguestion. This is what I did to fix it. My original ip
filter rules were set up as follows: From source <the test subnet> to
Destination <My ip address> 'permit' protocol <TCP> From Any Port To this
port <53>. I did this for all the ports I listed in the original question.
Everything started working fine when I added rules as followed: From source
<My ip address> to Destination <the test subnet> 'permit' protocol <TCP>
>From Any port To this port <53>. I did this for ports 53 tcp and udp, 389
tcp, 139 tcp and 445 tcp. Since all the original rules (and the new ones)
are 'mirrored,' I guess I don't understand what Mirrored means.