[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Windows firewall sp2

Posted on 2007-03-29
7
Medium Priority
?
355 Views
Last Modified: 2010-04-10
Morning,

I seem to be having a small problem with windows firewall on a server 2003 enteprise edition.
I've installed SP2 and all relevent updates. the server is setup as one domain controller with dns.
All is working AOK on that side - the problem started when i tried to join a computer's to the domain, i was getting access denied errors etc, (these were fresh installs) I found that disabling the firewall sorted this problem.
Now that i have 5 users connected to the domain they all have problems logging on to it.  It just hangs there for ages and ages.  If i disable windows firewall they connect immediately.
Do i need to open any ports for Active D and DNS - never had to do this before from memory - strange.


Thanks for any help.


0
Comment
Question by:John
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 14

Accepted Solution

by:
Burns2007 earned 750 total points
ID: 18821935
Personally I would disable windows firewall on the server.

Windows firewall is not a valid solution fo ryour internal connection.

Do you have this server directly connected to the internet and using ICS? If so, you can enable the firewall on that connection but not the internal one.

If you a router etc instead connected to the network, I wouldn't have the windows firewall turned on at all on your server.
0
 

Author Comment

by:John
ID: 18821975
Hi Burns2007

The server and clients use are using a Netgear DG834 ADSL router with built in NAT etc for internet access.  I'm not using ICS so i don't know what you mean about using the firewall on that connection. do you think not having the firewall on will be sufficient. I'd prefer to have it on but don't understand why this is giving me problems.


Thanx.
0
 
LVL 11

Expert Comment

by:Zenith63
ID: 18828412
Your NAT router will be acting as a firewall to the outside world, effectively sealing you off from it, so having a firewall on the server is probably going to cause you more hassle (for reasons like the problem you've described) then the small amount of extra security you gain.  The Windows firewall is only really giving you two extra bits of security - it will prevent access to the server from clients already on your network (not important in most small businesses IMHO) and will prevent the spread of network viruses to the server if one happens to get onto a LAN PC (again not that important considering how rare viruses are these days and how good most AntiVirus programs are if they're up-to-date).
So I agree with Burns2007, dump the firewall, you don't need it and it will cause more problems then it solves.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:John
ID: 18831384
OK, see what your saying.  Have you guys run servers before without any firewall protection.

0
 

Author Comment

by:John
ID: 18832222
I still don't like teh idea of running this Server without a personal firewall turned on,  especially as it's running as a file server and DNS server.  My NAT firewall router will only provide a perimator wall for traffic on the Net - if a laptop user for instance is infected with a virus, this could easily spead across the LAN, and effect any weak system that's vunerable. i.e MSblaster worm etc or any new born.

There are tonnes of ports, so opening a few for Server 2003 to function correctly shouldn't be a problem.  Do you guys know the right ports for this.

Cheers
0
 
LVL 11

Assisted Solution

by:Zenith63
Zenith63 earned 750 total points
ID: 18836113
Sorry, I don't know the ports in question.  To answer your other question; I have never put a firewall on a server, ever.  I also can't remember the last time I came across a server with a firewall on it.  It's just not the way it tends to be done for the very reason you've come across.

Decent AntiVirus (including server email scanning) updated at least daily and regular Windows updates is enough in a vast majority of cases.
0
 

Author Comment

by:John
ID: 18836816
Ok i will close this question and take your advice. I'm looking into getting a better hardware firewall anyway which should protect the server.

I will share the points out - think that's fair enough.

cheers

W.J
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question