Solved

Firewall Scope Custom List

Posted on 2008-10-13
2
728 Views
Last Modified: 2013-11-29
I am confused on how the Windows Server 2008 Firewall handles it's exclusions.  I am trying to limit access to the SQL server to specific IP addresses: 64.26.27.155,75.19.188.102,127.0.0.1.  I may not need the 127.0.0.1, but it's in there.

Connecting from localhost or 75.19.188.102 works fine.  However, we have a website on another server which when I ping the website it goes to 64.26.27.155 (implying this is the IP address of the website I should use in the Firewall exception).  When I try to access the application on this website that accesses the SQL server, I get an error that it cannot connect to the SQL server.  I am not sure how to trace the connections and determine what is happening.  If I allow any computer in the firewall exception, then it works fine from the website.

Suggestions?  Do I have an incorrect assumption in confirming the IP address?
0
Comment
Question by:dageyra
2 Comments
 
LVL 1

Author Comment

by:dageyra
ID: 22714768
I solved the problem by enabling logging in the Windows Firewall using this page: http://articles.techrepublic.com.com/5100-10878_11-6171339.html.  This showed me the IP address that was being blocked.

I would still be willing to award points if anyone knows how to customize the Firewall logs so that drop packets are in different file that accept?
0
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 500 total points
ID: 22859082
You can separate the logs for the different profiles (domain, private and public) in the advanced firewall, but you can't separate dropped and successful connections in different logfiles.
A workaround is to use a scheduled script that uses 'find "DROP" pfirewall.log > deny-pfirewall.log' and 'find "ALLOW" pfirewall.log > allow-pfirewall.log' to generate the separated logs.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Join & Write a Comment

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now