You beat me to that one. Jon
On Wed, Mar 16, 2011 at 3:45 PM, Miller Bonnie L. < [email protected]> wrote: > Under control panel, Network & Sharing Center, can you confirm that NIC > is actually using the domain profile and not a different one? > > > > *From:* Ziots, Edward [mailto:[email protected]] > *Sent:* Wednesday, March 16, 2011 9:08 AM > > *To:* NT System Admin Issues > *Subject:* RE: Windows Firewall question WIndows 2008 R2 > > > > Also turned off the firewall on the domain profile, still didn’t make a > difference. Still can’t see the ports open from an Nmap scan, and I can’t > see any packets dropped on the firewall logs which I should be able to see. > > > > > I have inbound connections that don’t match a rule are dropped. The Default > settings for inbound connections are block on the Firewall with Advanced > settings. I am logging both successful and blocked connections. > > > > Any other ideas? > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:[email protected] > > Cell:401-639-3505 > > > > *From:* Ziots, Edward [mailto:[email protected]] > *Sent:* Wednesday, March 16, 2011 11:45 AM > *To:* NT System Admin Issues > *Subject:* RE: Windows Firewall question WIndows 2008 R2 > > > > Even allowing ALL IP’s from the for the rule doesn’t seem to help show > that port as open. > > > > Under scope Local IP’s I selected all, and under remort IP’s I selected > all. ( Should allow any IP to talk to this server locally and process to > talk to any remote IP) if I am reading it right. > > > > Z > > > > > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:[email protected] > > Cell:401-639-3505 > > > > *From:* Ziots, Edward [mailto:[email protected]] > *Sent:* Wednesday, March 16, 2011 11:36 AM > *To:* NT System Admin Issues > *Subject:* Windows Firewall question WIndows 2008 R2 > > > > > > I am following the documentation for getting the firewall rule for an > application ( Inbound port and Outbound Server) to work and verify that > packets from any other host are dropped. > > > > We are utilizing the Domain Profile, and I have turned on logging to for > the Domain Profile for Logging and created the Pfirewall.log , but I am > doing an NMAP Scan from my PC and not getting any dropped packets in the > firewall log. > > > > All I have in place right now is an In-bound packet rule that allows port X > on the local host ( Its IP) to talk to port X on the remote host on its IP. > > > > SO local IP I put the IP Address of my Windows 2008 R2 SP1 system and the > remote host I put the IP Address of the remote system. DO I need to add an > equal rule to the outbound rules on the R2 host to get the 2way > communication to work, or is it smart enough to do stateful packet > inspection and if inbound is allowed allow the equal and opposite to > outbound? > > > > Ideas? > Z > > > > > > > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:[email protected] > > Cell:401-639-3505 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
