nannig3
asked on
SBS 2003 Firewall problem
Running Windows SBS 2003
We have a VPN running on this server, how ever i do want to access the NIC card property to remove all setting for the firewall, but it would not let me in the property, here is the error message "could not start the windows firewall/internet connection ICS service on the local computer. The requested resource is in use. error 170 component (Ipnat.sys).
Thank you
We have a VPN running on this server, how ever i do want to access the NIC card property to remove all setting for the firewall, but it would not let me in the property, here is the error message "could not start the windows firewall/internet connection ICS service on the local computer. The requested resource is in use. error 170 component (Ipnat.sys).
Thank you
Rob Williams
That message indicates another service is enabled which overrides the firewall, in your case Routing and Remote Access, for the VPN. The "Windows Firewall" as we know it is disabled as a result by default. RRAS has a basic NAT firewall that can be enabled, but it will not block by port.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
"how ever i do want to access the NIC card property to remove all setting for the firewall"
There are no firewall settings on a NIC. But assuming you want to remove ANY firewall from SBS the questions would then be:
Why?
What are you trying to accomplish?
Jeff
TechSoEasy
There are no firewall settings on a NIC. But assuming you want to remove ANY firewall from SBS the questions would then be:
Why?
What are you trying to accomplish?
Jeff
TechSoEasy
ASKER
I'm having problems with vpn not connecting. I think the problem is with the firewall blocking me from access the server
Okay... this is a classic example of asking the wrong question. You should never ask a question based on an assumption without clearly describing what the problem is and why your asking. Because otherwise we'll all waste a ton of time here...
If you are haveing problems with the vpn connecting, then you need to say,
"I'm having problems connecting to the server by VPN. The EXACT error message that I'm getting is ___________. I believe this may be caused by the firewall. Do you think that's possible? If so, how do I fix it?"
Because then at least we know what the true problem is. Since the VPN in SBS is configured by the "Configure Remote Access Wizard" and this configures the firewall automatically, it's almost impossible that the second half of your "revised" question would be your problem.
We can then focus on the EXACT error message you got...
So please tell us what that was.
Jeff
TechSoEasy
If you are haveing problems with the vpn connecting, then you need to say,
"I'm having problems connecting to the server by VPN. The EXACT error message that I'm getting is ___________. I believe this may be caused by the firewall. Do you think that's possible? If so, how do I fix it?"
Because then at least we know what the true problem is. Since the VPN in SBS is configured by the "Configure Remote Access Wizard" and this configures the firewall automatically, it's almost impossible that the second half of your "revised" question would be your problem.
We can then focus on the EXACT error message you got...
So please tell us what that was.
Jeff
TechSoEasy
ASKER
TechSoEasy
Welcome? You sure didn't make me feel welcome.
This was my first time on this website. After receiving your reply to my question, I feel this is not the kind of website I want. You will probably not ever see me on this site again.
Welcome? You sure didn't make me feel welcome.
This was my first time on this website. After receiving your reply to my question, I feel this is not the kind of website I want. You will probably not ever see me on this site again.
Ignoring the politics here, the main issue is; nannig3, were you able to resolve your problem?
Jeff can occasionally come on a bit strong, no offense Jeff, but there is no one here who will go to greater lengths to assist with the proper solution to your problem, and he has the know how to do it. Glad to have you aboard nannig3, and hope you will hang around.
I too would question that knightrider2k2's suggestion solved the VPN problem, though it was a reply to your question. I don't believe even though filters show a heading for ports, there is any way to add them. Filters are generally for source and destination filtering by protocol, rather than ports. Also, it is highly unlikely any filters were in place.
Can we help you further with the VPN issue?
If the VPN is not connecting do you receive an error #, such as 800, 691, 721, etc.?
Also with SBS it is important to configure the VPN using the "Configure remote access" and "Create remote connection disk" wizards. If not familiar with these, you might want to have a look at the following site:
Let us know if we can be of any further help.
Jeff can occasionally come on a bit strong, no offense Jeff, but there is no one here who will go to greater lengths to assist with the proper solution to your problem, and he has the know how to do it. Glad to have you aboard nannig3, and hope you will hang around.
I too would question that knightrider2k2's suggestion solved the VPN problem, though it was a reply to your question. I don't believe even though filters show a heading for ports, there is any way to add them. Filters are generally for source and destination filtering by protocol, rather than ports. Also, it is highly unlikely any filters were in place.
Can we help you further with the VPN issue?
If the VPN is not connecting do you receive an error #, such as 800, 691, 721, etc.?
Also with SBS it is important to configure the VPN using the "Configure remote access" and "Create remote connection disk" wizards. If not familiar with these, you might want to have a look at the following site:
Let us know if we can be of any further help.
nanniq3,
I fully acknowledge that I came on WAY too strong and really hope that you know that my apology is sincere.
Jeff
TechSoEasy
I fully acknowledge that I came on WAY too strong and really hope that you know that my apology is sincere.
Jeff
TechSoEasy
JUst noticed I forgot the link in previous post, it was late:
http://www.lan-2-wan.com/SBS-VPN-instr.htm
http://www.lan-2-wan.com/SBS-VPN-instr.htm
Hi
I agree that my response probably didn't helped him. At the time I posted my reply, there was no mention of ports being blocked. I barely told him that if he wants to block traffic on a port he can do that. Please read my post.
Robwill
Now, I could be wrong, please correct me if I am. On the RRAS If I want to block incoming traffic on port TCP 4500, I would create an incoming filter as follows
Source Destination Protocol SourcePort DestinationPort
0.0.0.0 0.0.0.0 TCP any 4500
Will this not block the port?
And yes
I agree that my response probably didn't helped him. At the time I posted my reply, there was no mention of ports being blocked. I barely told him that if he wants to block traffic on a port he can do that. Please read my post.
Robwill
Now, I could be wrong, please correct me if I am. On the RRAS If I want to block incoming traffic on port TCP 4500, I would create an incoming filter as follows
Source Destination Protocol SourcePort DestinationPort
0.0.0.0 0.0.0.0 TCP any 4500
Will this not block the port?
And yes
And yes, It is possible to specify ports.
>>>>I don't believe even though filters show a heading for ports, there is any way to add them
>>>>I don't believe even though filters show a heading for ports, there is any way to add them
Sorry knightrider2k2, not tying to give you a hard time. I know the filters show those headings, but when I actually tried to create a new filter, it didn't give me the option to choose a port. On the system I checked at the time, you could only choose source and destination ports, their respective subnets, and a protocol. The port was not an option. I thought this was interesting as the heading for port is present. Maybe something peculiar about the system I checked. I don't have access to a RRAS server, but will check later.
Ah, just looked it up. If you choose protocol "any", port options are not present. Selecting a specific protocol, will then open a new dialog box, allowing you to choose ports as well. Guess that actually makes sense. My mistake. Sorry.
I just checked. If you select TCP portocol, it brings two more boxes with destinastion and source port.