Windows Firewall, trouble opening ports
I have Backup software accessing to a remote computer. set up is like this.
Computer A:
windows 2003
backup software
ip address: 10.0.0.10
Computer B:
Windows 8.1
ip address: 10.0.0.20
Now the backup software was not able to connect to computer B. After enough testing, it was firewall issue on computer B. If I turned off firewall for Domain profile, the software on A is able to connect to B.
Now after I tried to make same windows firewall inbound rules in B like other computers in network which A doesn't have problem connecting to, I didn't find any difference of inbound rules. Weird... So what I did is, I created a manual rule 'Connection from Computer A', then allow all programs, services, any port, any protocol, then add Computer A's IP address to 'Remote IP' and selected 'Any Local IP' in Computer B. This should allow all connections from Computer A to B. But this didn't work.
There's no any block rules on Computer B, all rules are for allow, so there is no overwrapped rules.
I specifically have to turn off windows firewall for Domain profile in order to make the software from computer A to B. What am I doing wrong?
Computer A:
windows 2003
backup software
ip address: 10.0.0.10
Computer B:
Windows 8.1
ip address: 10.0.0.20
Now the backup software was not able to connect to computer B. After enough testing, it was firewall issue on computer B. If I turned off firewall for Domain profile, the software on A is able to connect to B.
Now after I tried to make same windows firewall inbound rules in B like other computers in network which A doesn't have problem connecting to, I didn't find any difference of inbound rules. Weird... So what I did is, I created a manual rule 'Connection from Computer A', then allow all programs, services, any port, any protocol, then add Computer A's IP address to 'Remote IP' and selected 'Any Local IP' in Computer B. This should allow all connections from Computer A to B. But this didn't work.
There's no any block rules on Computer B, all rules are for allow, so there is no overwrapped rules.
I specifically have to turn off windows firewall for Domain profile in order to make the software from computer A to B. What am I doing wrong?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you have any other firewall software running on the Windows 8 Machine?
ASKER
Antivirus turned off. no extra firewall.
I created inbound rule to open wide everything between Computer B and A, still same;
'Any Local IP' 'Any Remote IP', Any port, any protocol, all programs and services.
I specifically have to turn off windows firewall on domain profile to make the connection works. So it's this Windows firewall on domain profile causing this problem.
There's no 'block' rule inbound, tried to make the inbound rules exactly same as other computers which don't have problem being accessed by computer A. No luck.
Something of Windows firewall is blocking, but don't know what it is.
I created inbound rule to open wide everything between Computer B and A, still same;
'Any Local IP' 'Any Remote IP', Any port, any protocol, all programs and services.
I specifically have to turn off windows firewall on domain profile to make the connection works. So it's this Windows firewall on domain profile causing this problem.
There's no 'block' rule inbound, tried to make the inbound rules exactly same as other computers which don't have problem being accessed by computer A. No luck.
Something of Windows firewall is blocking, but don't know what it is.
ASKER
I had this weird problem before, but couldn't get answer. It was not the same software, but different softwares.
Can the machines ping each other?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes, since I created inbound rules opening wide all, ping is not a problem.
ASKER
I read it, my network is correctly set up and file sharing is on the domain. I don't think it's file sharing problem on domain profile. When I turn off Windows Firewall on Domain profile, there's no problem. So it's firewall issue, I think.
But what I don't understand is, isn't that turning off windows firewall on domain profile is the same as creating rule opening wide as I described above('Any Local IP' 'Any Remote IP', Any port, any protocol, all programs and services. )? What is the difference between turning off specifically and opening all in inbound rule? Are any hidden rules blocking in windows firewall?
But what I don't understand is, isn't that turning off windows firewall on domain profile is the same as creating rule opening wide as I described above('Any Local IP' 'Any Remote IP', Any port, any protocol, all programs and services. )? What is the difference between turning off specifically and opening all in inbound rule? Are any hidden rules blocking in windows firewall?
ASKER
wait a minute, so the difference might be outbound rule, then? let me check..
ASKER
no luck
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Does your domain have any group policy settings that will over ride your changes?
ASKER
Am I understanding correctly?
Under tab Scope, Local IP is ip address of my NIC and Remote IP is outside IP trying to access my PC.
By the way, setting is 'Any Local IP' 'Any Remote IP', Any port, any protocol, all programs and services, All Interfaces, All Profiles (Private, Domain, Public). Still not the same as turning off firewall on Domain profile. This is driving me crazy
Under tab Scope, Local IP is ip address of my NIC and Remote IP is outside IP trying to access my PC.
By the way, setting is 'Any Local IP' 'Any Remote IP', Any port, any protocol, all programs and services, All Interfaces, All Profiles (Private, Domain, Public). Still not the same as turning off firewall on Domain profile. This is driving me crazy
ASKER
I have a group policy setting disabling changing windows firewall settings, but I'm admin, I am not in the filtered group getting affected. I can enable disable change settings whatever
You could try forcing the change by using group policy to allow the connections through.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It looks as something related to RPC(UDP 135), but even when inbound rule is all open, why it matters? RPC seems working fine only when firewall is turned off on domain profile.
Protocol 17 is UDP
Port: 135
==========================
Event ID 5152
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID: 0
Application Name:
-
Network Information:
Direction: Outbound
Source Address:
192.168.1.120
Source Port: 0
Destination Address:
192.168.1.11
Destination Port:
0
Protocol: 1
Filter Information:
Filter Run-Time ID:
245836
Layer Name: ICMP Error
Layer Run-Time ID:
32
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID: 0
Application Name:
-
Network Information:
Direction: Inbound
Source Address:
192.168.1.11
Source Port: 35341
Destination Address:
192.168.1.120
Destination Port:
135
Protocol: 17
Filter Information:
Filter Run-Time ID:
245834
Layer Name: Transport
Layer Run-Time ID:
13
Protocol 17 is UDP
Port: 135
==========================
Event ID 5152
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID: 0
Application Name:
-
Network Information:
Direction: Outbound
Source Address:
192.168.1.120
Source Port: 0
Destination Address:
192.168.1.11
Destination Port:
0
Protocol: 1
Filter Information:
Filter Run-Time ID:
245836
Layer Name: ICMP Error
Layer Run-Time ID:
32
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID: 0
Application Name:
-
Network Information:
Direction: Inbound
Source Address:
192.168.1.11
Source Port: 35341
Destination Address:
192.168.1.120
Destination Port:
135
Protocol: 17
Filter Information:
Filter Run-Time ID:
245834
Layer Name: Transport
Layer Run-Time ID:
13
ASKER