Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Firewall Scope Custom List

Posted on 2008-10-13
2
Medium Priority
?
738 Views
Last Modified: 2013-11-29
I am confused on how the Windows Server 2008 Firewall handles it's exclusions.  I am trying to limit access to the SQL server to specific IP addresses: 64.26.27.155,75.19.188.102,127.0.0.1.  I may not need the 127.0.0.1, but it's in there.

Connecting from localhost or 75.19.188.102 works fine.  However, we have a website on another server which when I ping the website it goes to 64.26.27.155 (implying this is the IP address of the website I should use in the Firewall exception).  When I try to access the application on this website that accesses the SQL server, I get an error that it cannot connect to the SQL server.  I am not sure how to trace the connections and determine what is happening.  If I allow any computer in the firewall exception, then it works fine from the website.

Suggestions?  Do I have an incorrect assumption in confirming the IP address?
0
Comment
Question by:dageyra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 1

Author Comment

by:dageyra
ID: 22714768
I solved the problem by enabling logging in the Windows Firewall using this page: http://articles.techrepublic.com.com/5100-10878_11-6171339.html.  This showed me the IP address that was being blocked.

I would still be willing to award points if anyone knows how to customize the Firewall logs so that drop packets are in different file that accept?
0
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 1500 total points
ID: 22859082
You can separate the logs for the different profiles (domain, private and public) in the advanced firewall, but you can't separate dropped and successful connections in different logfiles.
A workaround is to use a scheduled script that uses 'find "DROP" pfirewall.log > deny-pfirewall.log' and 'find "ALLOW" pfirewall.log > allow-pfirewall.log' to generate the separated logs.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question