?
Solved

Windows Firewall

Posted on 2006-07-05
8
Medium Priority
?
374 Views
Last Modified: 2012-05-05
When I first installed SBS 2003, Windows Firewall was running. For some reason after applying Windows updates and getting up to the stage where the server is ready to go, I get the following message when trying to start the Windows Firewall service:

"Windows Firewall cannot run because the Windows Firewall/Internet Connection Sharing (ICS) service is not running."

Any ideas? Isn't it a bit risky having the firewall disabled?

Thanks in advance.
0
Comment
Question by:DReade83
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
8 Comments
 
LVL 7

Expert Comment

by:puter_geek
ID: 17046769
It is VERY risky, and definitely not recommended if you have it connected directly to the internet.  If you have a router, or hardware firewall of some sort, then it's not so bad at all. You just have to have something there.  

Personally, on my server, I don't have it running, but I also have a Linksys router between it and the world.  I forwarded the ports I needed through the router and that was it.  80, 21, 3389, ect.
0
 

Author Comment

by:DReade83
ID: 17046861
Ah right, that's what I have, a hardware firewall/router with port forwarding setup.

Any idea why Windows disables it?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17050295
Hi DReade83,

Did you happen to run the Security Configuration Wizard?  Because the Windows Firewall should NOT be installed or running on an SBS.  If you have SBS Standard, RRAS will act as your firewall if you have two NICs (you should also have a hardware firewall in front of your server such as puter_geek suggested.

You configure all of this with the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email)

A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Jeff
TechSoEasy
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 7

Expert Comment

by:puter_geek
ID: 17075356
Because since you only have one network connection, it automatically disables it.  Part way through the install it asks you if it is connected through the internet through a residential gateway, so it knows that it doesn't need it and disables it.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17077532
Has nothing to do with having one Internet connection... you're thinking of RRAS's firewall...  which would be disabled with a single NIC, not because it doesn't need it, but because it won't work with only one interface.  

However, the question is regarding the ICS Firewall... the Windows internal software firewall... which shouldn't be enabled at all on an SBS.

Jeff
TechSoEasy
0
 

Author Comment

by:DReade83
ID: 17077727
Could you explain why please Jeff? I'm just curious why SBS disables it.

Thanks.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 17077827
SBS has full versions of Windows Server 2003, Exchange Server, IIS, Active Directory, DNS and DHCP.  As well as ISA Server and SQL Server (if premium).  Becuase these are full versions, they have all the features you'd find in the standard products.  However, because SBS has all of these things operating on the same machine there are a number of things that you wouldn't use even though they haven't been taken out.  The ICS Firewall is one of those.  

It also shouldn't be used on any Server 2003 that is a DC or provides DHCP.

Please review http://support.microsoft.com/kb/324286 for more info and which includes this statement:

• Do not use ICS on a network that:

• Uses static IP addresses
• Has a Windows Server 2003 domain controller
• Uses other DNS servers, gateways, or DHCP servers
 
Jeff
TechSoEasy
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question