Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 733
  • Last Modified:

Unable to connect to Windows 2008 R2 Webserver from internet but can internally

I currently have an issue with inability to reach my internal server from outside the firewall. here's my setup.

Internet client -> public IP on Adtran hardware firewall -> internal IP of WebServer1 (Windows 2008 R2)

If telnet from the internet client to public IP of WebServer1 (forwarded to the internal IP) on port 80, the connection times out. If I telnet from an internal client to the  internal IP of WebServer1 on port 80, it works fine.

My first thought is a hardware firewall issue but I don't think that's the case.  If I unplug WebServer1 and replace it with WebServer2 (give it WebServer1's internal IP and plug it into the same port on the switch) then telnet on port 80 from the internet works fine. Given that, there is something specific to WebServer1.

I can't figure out what is causing WebServer1 to be unavailable. I've validated that there is no software firewall running on the server (and besides, connections from internal IPs work fine).

The server is a new Dell T310 with a dual-nic broadcom netxtreme cpu. It's using the latest Broadcom drivers and firmware. It's running only the following software, none of which I think has a firewall:
1. Exchange 2010.
2. Microsoft forefront endpoint protection
3. Microsoft forefront for Exchange
4. symantec backup exec

Thoughts welcome.
0
Julian123
Asked:
Julian123
1 Solution
 
Brad BouchardInformation Systems Security OfficerCommented:
I would turn those 4 items mentioned completely off  (process of elimination) and also this is extremely dumb and I'm sure you've checked but make sure Windows Firewall is off.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now