Solved

How to open ports on Win2k Server

Posted on 2004-04-29
6
1,412 Views
Last Modified: 2007-12-19
I have a routing setup with Windows 2000 Advanced Server.  On the computers behind this router, (using the router as their gateway) all ports are closed so I can't get incoming connections.  Should I use VPN or make a new connection in My Network Places, or should I enable Demand Dialing in Routing and Remote Access?

I know how to open ports with Internet Connection Sharing but can't find a way to do this with the built in Network Manager.
0
Comment
Question by:happispider
  • 3
  • 3
6 Comments
 
LVL 2

Author Comment

by:happispider
ID: 10955312
I tried something and it failed...  I enabled Internet Connection Sharing and managed to open ports (NOT the way I want to do it), then I ran COMMAND /C NETSH DUMP >>C:\DUMP to dump the configuration.  I dumped the configuration with ICS turned off.  The only difference (I did file compare on the 2 files) was in the great big Base64 "blob".  I decoded the base64 and it still looked pretty awful.  I removed binary characters from it and it still made no sense whatsoever.        
:  () ->help!
0
 
LVL 4

Expert Comment

by:matalyn1016
ID: 10955558
You will want to use IPSec to lock down (filter) specific ports.
Here is a helpful link - http://support.microsoft.com/default.aspx?scid=kb;en-us;813878
0
 
LVL 4

Expert Comment

by:matalyn1016
ID: 10955562
To add or block a specific port is about half way down the page.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 2

Author Comment

by:happispider
ID: 10956309
I could kindof understand the article but I need to reread it.  Can u tell me though how to allow access on ports?  Do I just replace BLOCK with ALLOW?  I opened IPSec in MMC console and fooled with it a bit nothing seemed to work.

I also tried deleting HKEY_LOCAL_MACHINE/System/Policies/IPSec or something like that with no luck (I didn't expect luck there)...  I have a connection to Internet on 192.168.1.107 and a connection to LAN (192.168.2.108) on the multihomed computer...  Could you give me an example command for IPsecpol or directions thru an MMC console because [for now] I'm a bit confused.

The article said to use IPSecpol so I probably need to learn more about it, but if there's another way besides ICS, like working thru MMC or regedit that'd be great.

I guess I'll try to be a bit more specific on exactly what I've tried lateron... thanks for help
0
 
LVL 2

Author Comment

by:happispider
ID: 10958145
Looks like I simply had to use NAT routing's 'special ports' feature.  I'm almost happy with this router setup, but it'd be great if I could open more ports than just the ones I specify.  Is that related to IPSec?  I thought IPSec just blocked access.  Can IPSec also allow access to a port (without help from NAT)??
0
 
LVL 4

Accepted Solution

by:
matalyn1016 earned 300 total points
ID: 10962660
You'll find the router is limited and that using IPSec will truley be a joy to use when you better understand it.

To answer your question >> Can IPSec also allow access to a port (without help from NAT)?? << YES!!
You will be able to eliminate NAT all together in most circumstances.

As for the question >> Do I just replace BLOCK with ALLOW? << YES!! again, take some time to better understand how IPSec works and you'll be fine.

Good Luck...
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now