• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 210
  • Last Modified:

client firewall block server access

I have a win2k adv sever runnig AD with couple of winxp client connecting to it.

The network works fine but i have a problme communicating with one of the xp machine.
If i try to ping the name of the machine from the server, it'll give me time out. but it does ping the right IP address.
The client computer can access the server no problem.

Took me quite sometimes to figure out where the problem lies.

If i disable the personal firewall on the client machine. I can ping it from the server.

can anyone tell me how do i fix this problem?

0
mysticaljoey
Asked:
mysticaljoey
1 Solution
 
jacaucCommented:
Yes,

Is this client running Service Pack 2 or Service Pack 1?
You can enable pings in the advanced section of the firewall settings under "ICMP"
Select "Allow incoming ICMP request"

Let me know if you need more info

Thanks
J
0
 
mysticaljoeyAuthor Commented:
The reason why i'm doing this is because our company is running a client server app. The server cannot update data to the workstation if they can't even see the computer. So can you tell me what should i do to enable just that with out compromising sucurity.

0
 
jacaucCommented:
You can do that without compromising security at all...
Instead if you want to prevent DenialofService attacks from the internet, rather install a firewall on the internet gateway.

It should really not compromise security on the inside of the network.

We are running a MAJOR network, and this is open internally.

J
0
 
lynntonCommented:
mysticaljoey,

Take into consideration, does the client server app uses the ping utility to test if there's a valid connection? try it.
Not all application require a ping to test for a connection is valid or not.
i.e.  
*telnet www.intel.com 80  - this will give you a valid connection to port 80 (WEB PORT)
*ping www.intel.com  - this will give you an ICMP test if it is an ACTIVE IP, nowadays people block ICMP (so ping is not   really reliable these days).

Thanks,
Lynnton
0
 
Debsyl99Commented:
Hi

IF this PC is on an internal network and the network is adequately protected from external inbound connections by a hardware firewall (which I would assume it is as you'd need more than the XP ICF) then just disable the firewall - it's just not configurable enough, and really, internally you don't need it,


"""To resolve this behavior, use a firewall only for network connections that you use to connect directly to the Internet. For example, use a firewall on a single computer that is connected to the Internet directly through a cable modem, a DSL modem, or a dial-up modem. If you use the same network connection to connect to both the Internet and a home or office network, use a router or firewall that prevents Internet computers from connecting to the shared resources on the home or office computers.

Do not use a firewall on network connections that you use to connect to your home or office network unless the firewall can be configured to open ports only for your home or office network. If you connect to the Internet by using your home or office network, a firewall can be used only on the computer or the other device, such as a router, that provides the connection to the Internet. For example, if you connect to the Internet through a network that you manage, and that network uses connection sharing to provide Internet access to multiple computers, you can install or enable a firewall only on the shared Internet connection. If you connect to the Internet through a network that you do not manage, verify that your network administrator is using a firewall.""

Internet firewalls can prevent browsing and file sharing
http://support.microsoft.com/?kbid=298804

Deb :))
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now