Re: Servers & Routers and Firewalls, Oh my....
From: SuperGumby [SBS MVP] (not_at_your.nellie)
Date: 02/22/04
- Next message: TOny: "Re: You must be a member of the Domain Admins, Schema Admins, and Enterprise Admins groups"
- Previous message: TOny: "You must be a member of the Domain Admins, Schema Admins, and Enterprise Admins groups"
- In reply to: Tom: "Servers & Routers and Firewalls, Oh my...."
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 22 Feb 2004 13:39:52 +1100
Hi Tom,
I think you're confusing two seperate concepts. Port Forwarding as
opposed to allowing traffic on whatever port.
What model of Linksys is that device you're talking about? I doubt you
need do anything to it to allow internal clients to request data from
external sources (eg. WWW).
Ignore the DHCP on the Linksys, I don't care whether it's on or not. Set
the external NIC to 192.168.20.100 mask 255.255.255.0 gateway 192.168.20.1
(I assume this is the linksys IP), but point it's DNS to your internal IP
(192.168.10.whatever). This will ensure that the external NIC of the server
always has the same IP, as you now seem unsure whether it is .100 or .102.
Then run the CEICW. BTW, the .100 is arbitrarily chosen, I'm only suggesting
it due to your earlier comments.
Whether you are using ISA or no you still need to tell the CEICW to
enable firewalling. If you wish to not yet implement ISA you're in a good
position due to the Linksys in front of the external NIC. Me, I'd throw ISA
on as well, but let's take small steps first.
-- Mick Malloy http://www.micropol.com.au "Tom" <anonymous@discussions.microsoft.com> wrote in message news:1491101c3f8d9$48951f70$a501280a@phx.gbl... > Hello, > > Ok, this might be a simple fix to others, but to me I > just don't understand. > > Server: > Cable modem comes in, connected to a Linksys Router, and > then connected to NIC1 on SBS2003 Server. Then NIC2 is > connected to a hub which all of the other workstations > are connected to. Simple and normal. > > Problem: > There is no firewall on the sever at all. We are using > NAT translation. (Don't ask, the boss didn't want to > spend money, but he will, I know when there is an > attack) Anyway, for some reason the server is not > allowing traffic through certain ports. > > Let me go into this a bit more. The router, which is > connected to NIC1 is running DHCP so NIC1 can pull an IP > from it. Which it did and it's working. The router has > certain ports open and allowing traffic to the IP that > the server pulled. In this case 192.168.20.100. > > Now, when clients try to use programs that needs those > ports, it's acting like they are not open. The network > is using 19.168.10.x as it's IP range. Under the old way > when a server was not here, we would just open the ports > for the specific client and pointed them to the IP of the > client machine. So in theory, you would figure that > since the Server is now acting as the gateway, you would > point all the open [prts to the server and wa-la! IT > should work and everything back to normal. Nope. > > But for some reason the server in the mix is now stopping > the clients from seeing the ports as open. > > During the install of the SBS2003 software, we didn't add > the ISA server, and during the Internet Setup we told the > firewall to be disabled, so basically we are only working > with what the Router has in the form of NAT translation. > The ports needed are open, and pointing to the IP address > reported in the DHCP list on the router. But thats odd > as well. The router is saying 192.168.20.100 but the NIC > in the server is reporting 192.168.20.102. This is > stranger then strange. > > Why are these ports being seen as closed?!?!?! > > Thanks for any help you can offer, this one has me > stumped... > > Tom. >
- Next message: TOny: "Re: You must be a member of the Domain Admins, Schema Admins, and Enterprise Admins groups"
- Previous message: TOny: "You must be a member of the Domain Admins, Schema Admins, and Enterprise Admins groups"
- In reply to: Tom: "Servers & Routers and Firewalls, Oh my...."
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
