Solved

Firewall Scope Custom List

Posted on 2008-10-13
2
732 Views
Last Modified: 2013-11-29
I am confused on how the Windows Server 2008 Firewall handles it's exclusions.  I am trying to limit access to the SQL server to specific IP addresses: 64.26.27.155,75.19.188.102,127.0.0.1.  I may not need the 127.0.0.1, but it's in there.

Connecting from localhost or 75.19.188.102 works fine.  However, we have a website on another server which when I ping the website it goes to 64.26.27.155 (implying this is the IP address of the website I should use in the Firewall exception).  When I try to access the application on this website that accesses the SQL server, I get an error that it cannot connect to the SQL server.  I am not sure how to trace the connections and determine what is happening.  If I allow any computer in the firewall exception, then it works fine from the website.

Suggestions?  Do I have an incorrect assumption in confirming the IP address?
0
Comment
Question by:dageyra
2 Comments
 
LVL 1

Author Comment

by:dageyra
ID: 22714768
I solved the problem by enabling logging in the Windows Firewall using this page: http://articles.techrepublic.com.com/5100-10878_11-6171339.html.  This showed me the IP address that was being blocked.

I would still be willing to award points if anyone knows how to customize the Firewall logs so that drop packets are in different file that accept?
0
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 500 total points
ID: 22859082
You can separate the logs for the different profiles (domain, private and public) in the advanced firewall, but you can't separate dropped and successful connections in different logfiles.
A workaround is to use a scheduled script that uses 'find "DROP" pfirewall.log > deny-pfirewall.log' and 'find "ALLOW" pfirewall.log > allow-pfirewall.log' to generate the separated logs.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question