Solved

Firewall Scope Custom List

Posted on 2008-10-13
2
729 Views
Last Modified: 2013-11-29
I am confused on how the Windows Server 2008 Firewall handles it's exclusions.  I am trying to limit access to the SQL server to specific IP addresses: 64.26.27.155,75.19.188.102,127.0.0.1.  I may not need the 127.0.0.1, but it's in there.

Connecting from localhost or 75.19.188.102 works fine.  However, we have a website on another server which when I ping the website it goes to 64.26.27.155 (implying this is the IP address of the website I should use in the Firewall exception).  When I try to access the application on this website that accesses the SQL server, I get an error that it cannot connect to the SQL server.  I am not sure how to trace the connections and determine what is happening.  If I allow any computer in the firewall exception, then it works fine from the website.

Suggestions?  Do I have an incorrect assumption in confirming the IP address?
0
Comment
Question by:dageyra
2 Comments
 
LVL 1

Author Comment

by:dageyra
ID: 22714768
I solved the problem by enabling logging in the Windows Firewall using this page: http://articles.techrepublic.com.com/5100-10878_11-6171339.html.  This showed me the IP address that was being blocked.

I would still be willing to award points if anyone knows how to customize the Firewall logs so that drop packets are in different file that accept?
0
 
LVL 31

Accepted Solution

by:
Henrik Johansson earned 500 total points
ID: 22859082
You can separate the logs for the different profiles (domain, private and public) in the advanced firewall, but you can't separate dropped and successful connections in different logfiles.
A workaround is to use a scheduled script that uses 'find "DROP" pfirewall.log > deny-pfirewall.log' and 'find "ALLOW" pfirewall.log > allow-pfirewall.log' to generate the separated logs.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now