Link to home
Create AccountLog in
Avatar of timetracer
timetracer

asked on

SBS 2003 port blocked for Firebird Server

Hi,

We are running a single SBS 2003 box which runs everything for our network (of about 7 PCs) as well as applications and particularlry a couple of apps which use the Firebird (database) Server. The server has 2 NICs, one internal and the other external. The internal set as a private interface. Everything was working fine until the weekend just gone. As I have been informed, nothing was changed over the weekend however come Monday we were unable to use any of our Firebird apps. All traffic to and from these apps is internal only.

Firebird uses the port 3050 and it appears that the port has somehow become blocked? We have done a hoc fix at present and forced it to use port 21 which is working ok except for a single Vista user.

What I am wondering is wether the port has in fact been blocked somehow? Could this be a DNS issue?

Appreciate all help!
Avatar of Michael Worsham
Michael Worsham
Flag of United States of America image

A couple of questions...

1) Is this SBS 2003 Standard or Premium?
2) Is there a firewall software running on the SBS box? (i.e. Basic RRAS/NAT or ISA)
Avatar of timetracer
timetracer

ASKER

Sorry for the lack of detail.

1) It is standard.
2) Basic RRAS is configured for the external NIC, the internal NIC it is set as a private interface on a private network.

Few more things, our network layout is identical to this:

http://www.smallbizserver.net/Articles/tabid/266/articleType/ArticleView/articleId/76/Two-Nics-a-static-IP-address-ISA-router.aspx

Also, I just noticed that in the network interfaces of RRAS we have the Loopback, Internal Conn, External Conn and also another called Internal? I am not sure if that should be there or the significance if any of it.
Further update of details, I do not believe that this is a PC issue. We haven't had any software updates to any of the PCs or the SBS in the last week.
On the SBS server side, open a command window and see if port 3020 is actually listening. Type in 'netstat -na | more'. Then look for port 3050 and see if it's in 'LISTENING' mode.

Then from one of the internal PCs, see if the port is actually available. Best way to test this is to open a command window on a PC then do 'telnet server_ip 3050'. If it connects, then the PC can access the server. If not, then it might be a network routing issue.
I did the netstat on the server and for port 3020:

TCP 192.168.16.2:3020 192.168.16.2:1025  ESTABLISHED

Port 3050 did not appear in the list at all. I then used a PC and tried telnet as you said, it timed out to 3050. I also tried port 21 (which we are currently using to access our DB as a hoc fix for now) which timed out also. I then just tried telnet to the default port 23 and it said it could not establish a connection.

In each case with the telnet test I was using the internal IP address 192.168.16.2
Sorry I just re-ran the netstat, I didn't realise the first time that the firebird server's port had been changed and that is why port 3050 was not appearing. When I changed it back to 3050 and run the netstat command I can see it is in listening mode.

I tried to use telnet again to port 3050 and it didn't appear to connect either using the internal IP 192.168.16.2 or the external IP 192.168.1.5.
The only other option I can give would be to re-run the CEIEW as it handles the NIC connections and how the server is setup for routing needs. I did find this article that might help, since I don't use the basic firewall/NAT in SBS  and rather rely on hardware firewalls for that purpose.

How to Open passthrough Ports on SBS 2003 (NON ISA)
http://sbits.blogspot.com/2007/10/how-to-open-passthrough-ports-on-sbs.html

mwecomputers, appreciate your input thus far.

Ok this is just plain odd now. As an abstract test I setup a port forward on our hardware firewall (same subnet as external NIC on SBS) going out and in for the firebird port. I then reconfigured the firebird server to use port 3050 again and it started working.

I got rid of the port changes to the firewall and it still worked. So it seems as though it just started working again.

What has also been happening this morning, is we have one user who works off site and logs in via vpn each today. Today they have been getting dissconected close to every 5 minutes. As far as we could see there was nothing wrong with their local internet conenction and we have had no interuptions to the office connection.

I just find it odd that after 2 days it would start working, which makes me wonder if we have some problems with an incorrect route or DNS entry?
You might also want to check your network infrastructure. You might have a switch failing someplace or even a NIC card going bad on the server.
Right, I hadn't given that any though at all. Are you aware of any decent diagnostic tools or logging software? I have just found the event view to be completely useless and am having trouble identifying any of the correct log files...
ASKER CERTIFIED SOLUTION
Avatar of Michael Worsham
Michael Worsham
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
After some testing it's seems that I had a problem with a port on the switch in which the server connected to. Either that or the cable. Appreciate your help mwecomputers, I had not even considered hardware issues being the cause of the problem.