?
Solved

How do I open ports in windows 2003 server

Posted on 2008-10-02
11
Medium Priority
?
759 Views
Last Modified: 2013-12-02
Our network servers (all windows 2003) recently had something modified or applied to them that closed all ports execpt for Hp insight managment and Backup exec. There was port 9898 open for tripwire and others but now they are closed. On each windows 2003 server the firewall is disabled but says it's using Domain settings (group policy?). I suspect one of our windows admin's has made a change without properly doing an RFC etc. I've inspected our Default domain GPO and there is no mention of firewall settings being applied. Anybody have any hints where I should look?
0
Comment
Question by:drewman212
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
11 Comments
 
LVL 5

Expert Comment

by:ccns
ID: 22629127
if you goto Administrative tools > routing and remote access see if this is enabled? if it is disable this if you are not using this for firewall/router type things for your server. if you are you con configure from here.
0
 
LVL 9

Expert Comment

by:pablovr
ID: 22629215
Does it have installed any 3rd party firewall software installed (such as alarm zone, or part of an antivirus suite)?
0
 
LVL 9

Expert Comment

by:pablovr
ID: 22629224
Some antivirus solutions have preventive behaviors, in those cases they close ports considered in risk, later they open them again.
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 42

Expert Comment

by:kevinhsieh
ID: 22629455
Is the Windows Firewall/Internet Connection Sharing Service (ICS) running as listed under services?  If so, it's the Windows firewall.  It sounds like someone turned on the firewall via group policies.  You can use the  Group Policy Modeling function of Group Policy Management to see what settings are being forced upon your servers, and which policies are making the changes.
0
 
LVL 9

Expert Comment

by:mgonullu
ID: 22629489
Go to Start -> Run Gpedit.msc
Local Computer policies
Admin Templates
Network Connections
Windows Firewall

Make sure that it not configured there so it can take the default value
0
 
LVL 19

Accepted Solution

by:
Jeremy Weisinger earned 1500 total points
ID: 22629761
Run "gpresult /v" (you probably want to redirect the output because this command generates a lot of text) and you can see if firewall settings are being pushed down through Group Policy and if so, what GPO has the settings.
0
 

Author Comment

by:drewman212
ID: 22632847
I checked AV, RRAS etc but no luck but I get this entry in the gpresult

Default Domain Policy
                KeyName:     Software\Policies\Microsoft\WindowsFirewall\DomainProfile\EnableFirewall
                Value:       0, 0, 0, 0
                State:       Enabled

So this means it's pushed thru this domain policy?
0
 

Author Comment

by:drewman212
ID: 22632942
I've checked the Group policy that is applied under

network connections\windows firewall\domain profile\ Windows firewall: Protect all network connections
it has been set to disabled.

Could it be a security template that has been applied to the servers (we are talking over 50 of them)

0
 
LVL 9

Expert Comment

by:mgonullu
ID: 22632974
yes it is
0
 
LVL 19

Assisted Solution

by:Jeremy Weisinger
Jeremy Weisinger earned 1500 total points
ID: 22633064
Well if it says it's using the domain profile and it's disabled that should be fine.

Are you sure the services are running and listening on the ports you expect?
Run
netstat -a | find "LISTENING"

From that list you should see all the ports that the server is listening on. Is file and print sharing working? Is it really everything expect HP Insight and Backup Exec being blocked or is it just a few programs that aren't working?
0
 
LVL 9

Expert Comment

by:pablovr
ID: 22634888
Besides netstat, you can use some of these tools to check open ports:

http://www.nirsoft.net/utils/cports.html
http://www.radmin.com/products/utilities/portscanner.php
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month12 days, 15 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question