?
Solved

client firewall block server access

Posted on 2004-10-16
5
Medium Priority
?
145 Views
Last Modified: 2010-04-13
I have a win2k adv sever runnig AD with couple of winxp client connecting to it.

The network works fine but i have a problme communicating with one of the xp machine.
If i try to ping the name of the machine from the server, it'll give me time out. but it does ping the right IP address.
The client computer can access the server no problem.

Took me quite sometimes to figure out where the problem lies.

If i disable the personal firewall on the client machine. I can ping it from the server.

can anyone tell me how do i fix this problem?

0
Comment
Question by:mysticaljoey
5 Comments
 
LVL 3

Expert Comment

by:jacauc
ID: 12326555
Yes,

Is this client running Service Pack 2 or Service Pack 1?
You can enable pings in the advanced section of the firewall settings under "ICMP"
Select "Allow incoming ICMP request"

Let me know if you need more info

Thanks
J
0
 

Author Comment

by:mysticaljoey
ID: 12327210
The reason why i'm doing this is because our company is running a client server app. The server cannot update data to the workstation if they can't even see the computer. So can you tell me what should i do to enable just that with out compromising sucurity.

0
 
LVL 3

Expert Comment

by:jacauc
ID: 12327734
You can do that without compromising security at all...
Instead if you want to prevent DenialofService attacks from the internet, rather install a firewall on the internet gateway.

It should really not compromise security on the inside of the network.

We are running a MAJOR network, and this is open internally.

J
0
 
LVL 1

Expert Comment

by:lynnton
ID: 12328352
mysticaljoey,

Take into consideration, does the client server app uses the ping utility to test if there's a valid connection? try it.
Not all application require a ping to test for a connection is valid or not.
i.e.  
*telnet www.intel.com 80  - this will give you a valid connection to port 80 (WEB PORT)
*ping www.intel.com  - this will give you an ICMP test if it is an ACTIVE IP, nowadays people block ICMP (so ping is not   really reliable these days).

Thanks,
Lynnton
0
 
LVL 20

Accepted Solution

by:
Debsyl99 earned 150 total points
ID: 12330982
Hi

IF this PC is on an internal network and the network is adequately protected from external inbound connections by a hardware firewall (which I would assume it is as you'd need more than the XP ICF) then just disable the firewall - it's just not configurable enough, and really, internally you don't need it,


"""To resolve this behavior, use a firewall only for network connections that you use to connect directly to the Internet. For example, use a firewall on a single computer that is connected to the Internet directly through a cable modem, a DSL modem, or a dial-up modem. If you use the same network connection to connect to both the Internet and a home or office network, use a router or firewall that prevents Internet computers from connecting to the shared resources on the home or office computers.

Do not use a firewall on network connections that you use to connect to your home or office network unless the firewall can be configured to open ports only for your home or office network. If you connect to the Internet by using your home or office network, a firewall can be used only on the computer or the other device, such as a router, that provides the connection to the Internet. For example, if you connect to the Internet through a network that you manage, and that network uses connection sharing to provide Internet access to multiple computers, you can install or enable a firewall only on the shared Internet connection. If you connect to the Internet through a network that you do not manage, verify that your network administrator is using a firewall.""

Internet firewalls can prevent browsing and file sharing
http://support.microsoft.com/?kbid=298804

Deb :))
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article explains how to use the rsync command to create backups and sync data across hosts. Rsync is a very useful command that is often used to copy data, make backups, migrate hosts, and bridge the gap between site staging and production envi…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Is your organization moving toward a cloud and mobile-first environment? In this transition, your IT department will encounter many challenges, such as navigating how to: Deploy new applications and services to a growing team Accommodate employee…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question