RE: RRAS Port configuration
- From: Warren Machanik <WarrenMachanik@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 21 Jun 2008 23:39:00 -0700
Firstly sorry for the delay in gettin gback to you I did not receive a
notification of a reply, may be a problem with my email hosting company (not
the same ISP I use to connec tot he itnernet by the way)
Thank you for your reply, in answer to your questions. I am using RRAS as a
basic firewall. I have two NIC's in the server. The one NIC is connected to
the internal switch the other is connected to a wireless iBurst device, that
connects to the internet. All this was working fine unitl the latest security
patches from Microsoft were downloaded and installed.
The problem is that the iBurst device works in a strange way that I cannot
understand and the technical people could not explain how it works to me
either, it conencts to the internet via PPPoE and does not get issued an IP
address. The server obviously gives it one of those random 169 addresses.
Normally what would happen is the DDNS service I have been using would
establish the external IP and then map the internet to it, that way I could
use Mobile Active Sync, OMA, and OWA.
However now the DDNS service crashes and reports that TCP traffic is blocked
on port 40019 (sorry I made a mistake the last post kept on putting 40010
instead).
So I went into RRAS and try doing what you said already, but the problem is
that you cannot open a whole class "B" and as stated I have no idea what the
external IP is goin got be since the ISP issues an IP in that class "B" range
(41.208.x.x). I have tried using 127.0.0.1 but that interface I assume is the
default interface which I believe is the internal network.
Hope this makes it clearer
--
Warren - All limits are man made
"Guozhen Wang[MSFT]" wrote:
Hello Warren,.
Thank you for your post.
My name is Gary Wang, and it is my pleasure to work with you on this issue!
Please allow me to confirm that my understandings are correct. As I
understand it, the issue is:
You want to know how to open port 40010 on RRAS service.
If I have misunderstood your concerns please feel free to let me know.
Suggestion :
==============
I am not quite sure about your word "open port 40010". Does that means your
SBS clients or server need to access port 40010 on the internet? Or the
internet users need to access port 40010 on SBS server or internal server
in SBS network?
And may I know your exact symptom of network topology? For example, you are
in single NIC scenario or 2 NICs? Which type of connection you are using?
Direct connection to broadband with PPPoE or modem connection to POTS or
ISDN? Please referring to the following document to make sure that you had
configured CEICW in right way:
How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763/en-us
Based on my experience, RRAS allows all the traffics from inside to
internet. So if your SBS clients or server need to access port 40010 on the
internet, you do not need to any make change on RRAS settings. Unless you
have enabled basic firewall and configured outbound filters. You can check
the outbound filters as below:
1. Please open Routing and Remote Access console on SBS thru run command
"rrasmgmt.msc"
2. Go to Server Name\IP Routing\NAT/Basic Firewall.
3. Right click the interface you are using to provide NAT, choose
Properties.
4. In NAT/Basic Firewall tab, click Outbound filters.
5. Clean the settings there as a test.
6. Restart RRAS service.
If you want the internet users to access port 40010 on SBS server or
internal server in SBS network, I would like to suggest that you try the
following steps:
1. Please open Routing and Remote Access console on SBS thru run command
"rrasmgmt.msc"
2. Go to Server Name\IP Routing\NAT/Basic Firewall.
3. Right click the interface you are using to provide NAT, choose
Properties.
4. Navigate to Services and Ports tab on the right, click Add.
5. Provide a name for the service and the settings required for the
incoming and outgoing ports(40010), and click OK.
Also, you may like to verify whether the port is listening on the server as
below:
a. Telnet the server from internal SBS network.
Run the command: telnet servername 40010 on internal SBS network client.
b. Run the command: Netstat -na on the server, and check whether the port
is listened.
By the way, I would like to suggest that you disable any third party
firewall on the SBS server as a test.
Hope it helps.
I look forward to your reply. Also, if you have any questions or concerns,
please do not hesitate to let me know. I am happy to help. :-)
Thank you for your time and cooperation!
Best regards,
Gary Wang(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: RRAS Port configuration
| thread-index: AcjSOlqfvp47oyViTM+H+3rvuA4eEg==
| X-WBNR-Posting-Host: 207.46.19.168
| From: =?Utf-8?B?V2FycmVuIE1hY2hhbmlr?=
<WarrenMachanik@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: RRAS Port configuration
| Date: Thu, 19 Jun 2008 11:29:05 -0700
| Lines: 10
| Message-ID: <63E65AA5-1767-4D1B-83CE-5F3E746DA020@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2992
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:112356
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I am tryin gto allow port 40010 to be open. it is used for a DDNS
service,
| and the ISP has a IP that is random but falls into the range 41.208.0.0
mask
| 255.255.0.0 or 41.208.x.x
|
| if I guess the IP I can add this port config into the RRAS, but do not
feel
| like aded 65525 entries into th RRAs server,
|
| Is there any way of doing this?
| --
| Warren - All limits are man made
|
- Follow-Ups:
- Re: RRAS Port configuration
- From: Joe
- Re: RRAS Port configuration
- References:
- RE: RRAS Port configuration
- From: Guozhen Wang[MSFT]
- RE: RRAS Port configuration
- Prev by Date: Re: Cant FTP from my SBS server - ISA blocks it with no established connection
- Next by Date: Re: WSUS
- Previous by thread: RE: RRAS Port configuration
- Next by thread: Re: RRAS Port configuration
- Index(es):
Relevant Pages
|
