Enabled firewall with some rule and now I cannot get to one server on the same subnet

We are working on enabling the FW within our company. Our security folks enabled some rules (which we cannot change), and for some reason, from a Win7 system with the FW enabled, I cannot get to any shares on this one 2003 server; when I try to get to it by either \\ip or \\name, it fails. But from another external site we can get to it with the FW enabled. It just seems we can't connect from systems on the same subnet with the FW enabled. But I can get to other servers on the same subnet; just this one server is the issue.

Now I cannot change the rules as they are locked out. Any way to troubleshoot this?
0
rdefino
Asked:
1 Solution
 
Tyler Verkade Commented:
Can you reach the server by pinging it?
0
 
rdefino (Author) Commented:
yes, forgot to mention that.
0
 
HeltonQA Commented:
Can you ping the IP?
0
 
HeltonQA Commented:
Is the server joined to the domain? Is the computer you are trying to access from joined to the domain? When you try to navigate to the share (\\ip or \\name), does it ever prompt for a user name and password, or does it just say it can't find it?
0
 
rdefino (Author) Commented:
Both systems are in the same domain.

No username or password prompt, just fail to find the server.
0
 
Tyler Verkade Commented:
This type of problem usually requires that you change the lanman server parameters in order to get Windows 7 working with older servers. Do these adjustments on the Windows 7 machines that need to connect to the server.

Control Panel - Administrative Tools - Local Security Policy

Local Policies - Security Options

Network security: LAN Manager authentication level
Set to Send LM & NTLM responses only

Set the Minimum session security for NTLM SSP
Disable Require 128-bit encryption

Reboot all machines after making the adjustment.
0
 
rdefino (Author) Commented:
Why would this be needed only when the firewall is enabled?

If I disable the FW I can get to the server just fine.
0
 
HeltonQA Commented:
There is a chance the firewall has UDP ports 135 through 139 or TCP ports 135 through 139 blocked.
0
 
HeltonQA Commented:
When you disable the software firewall on the server?
0
 
rdefino (Author) Commented:
Is there a way to determine if these ports (UDP ports 135 through 139 or TCP ports 135 through 139) are blocked?

No FW enabled on server.
0
 
HeltonQA Commented:
If you have access to the server, you can open up a command prompt and type in "netstat -an".
If you do not have access to the server, you can open up a command prompt from one of the computers that is having trouble reaching it and type "telnet IP Port".
For example: telnet 10.31.1.80 135
0
 
rdefino (Author) Commented:
Netstat -an on the server:

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:111            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1061           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:2144           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:7937           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:7938           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8081           0.0.0.0:0              LISTENING
  TCP    10.222.135.247:139     0.0.0.0:0              LISTENING
  TCP    10.222.135.247:139     10.222.133.7:52659     ESTABLISHED
  TCP    10.222.135.247:445     10.222.92.50:64457     ESTABLISHED
  TCP    10.222.135.247:445     10.222.92.51:60662     ESTABLISHED
  TCP    10.222.135.247:445     10.222.133.19:50516    ESTABLISHED
  TCP    10.222.135.247:445     10.222.133.22:50575    ESTABLISHED
  TCP    10.222.135.247:445     10.222.133.122:51160   ESTABLISHED
  TCP    10.222.135.247:445     172.27.22.15:54023     ESTABLISHED
  TCP    10.222.135.247:3389    172.27.22.15:51260     ESTABLISHED
  TCP    10.222.135.247:3844    10.202.88.71:50124     ESTABLISHED
  TCP    10.222.135.247:4201    10.222.135.250:49155   ESTABLISHED
  TCP    127.0.0.1:31000        127.0.0.1:32000        ESTABLISHED
  TCP    127.0.0.1:32000        0.0.0.0:0              LISTENING
  TCP    127.0.0.1:32000        127.0.0.1:31000        ESTABLISHED
  UDP    0.0.0.0:111            *:*
  UDP    0.0.0.0:445            *:*
  UDP    0.0.0.0:500            *:*
  UDP    0.0.0.0:1076           *:*
  UDP    0.0.0.0:1691           *:*
  UDP    0.0.0.0:4500           *:*
  UDP    0.0.0.0:7938           *:*
  UDP    0.0.0.0:8082           *:*
  UDP    10.222.135.247:123     *:*
  UDP    10.222.135.247:137     *:*
  UDP    10.222.135.247:138     *:*
  UDP    127.0.0.1:123          *:*
  UDP    127.0.0.1:1025         *:*
  UDP    127.0.0.1:1049         *:*
  UDP    127.0.0.1:1096         *:*
  UDP    127.0.0.1:3724         *:*
0
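Reading the posted netstat dump by eye is error-prone, so here is an added example (not from the thread or any of its participants) that triages such output the way HeltonQA suggests: it reports which of the ports discussed (TCP 135 and 139, plus 445, the SMB-over-TCP port visible in the dump, and UDP 137/138) are listening and on which address, and which remote hosts already hold established SMB sessions. The embedded sample is a constructed excerpt of the output rdefino posted; a server that listens and already serves other clients points the fault at the client-side firewall, which is where the thread ends up.

```python
"""Triage a Windows `netstat -an` dump for SMB/NetBIOS reachability."""
import re
from collections import defaultdict

# Ports named in the thread: RPC endpoint mapper, NetBIOS session, SMB/TCP.
SMB_TCP_PORTS = {135, 139, 445}
# NetBIOS name and datagram services run over UDP.
NETBIOS_UDP_PORTS = {137, 138}

# Constructed excerpt of the netstat output posted above.
SAMPLE = """
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    10.222.135.247:139     0.0.0.0:0              LISTENING
  TCP    10.222.135.247:139     10.222.133.7:52659     ESTABLISHED
  TCP    10.222.135.247:445     10.222.92.50:64457     ESTABLISHED
  TCP    10.222.135.247:445     172.27.22.15:54023     ESTABLISHED
  UDP    10.222.135.247:137     *:*
  UDP    10.222.135.247:138     *:*
"""

# Proto, local addr:port, foreign endpoint, optional state (UDP has none).
LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s*(\S*)\s*$")

def parse_netstat(text):
    """Yield (proto, local_addr, local_port, foreign, state) per socket line."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            proto, laddr, lport, foreign, state = m.groups()
            yield proto, laddr, int(lport), foreign, state or "STATELESS"

def smb_listeners(text):
    """Map each (port, proto) of interest to its bound local address, or None."""
    found = {(p, "TCP"): None for p in SMB_TCP_PORTS}
    found.update({(p, "UDP"): None for p in NETBIOS_UDP_PORTS})
    for proto, laddr, lport, _foreign, state in parse_netstat(text):
        key = (lport, proto)
        # UDP sockets carry no state; a TCP socket must actually be LISTENING.
        if key in found and (proto == "UDP" or state == "LISTENING"):
            found[key] = laddr
    return found

def established_smb_peers(text):
    """Remote IPs with live sessions to 139/445: proof the server answers."""
    peers = defaultdict(set)
    for proto, _laddr, lport, foreign, state in parse_netstat(text):
        if proto == "TCP" and state == "ESTABLISHED" and lport in (139, 445):
            peers[lport].add(foreign.rsplit(":", 1)[0])
    return dict(peers)
```

A port that shows up as None here is the one to suspect on the server; a port that is listening while the share still fails from one client indicates the block is between the client and the server, typically the client's own firewall profile.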
 
skullnobrains Commented:
If I understand what is stated above, the firewall is on the client, and things work when you disable it.

If the above is correct, forget about the server; it works fine. Focus on the client. Most likely the LAN has been marked as unsecure and the firewall is configured to forbid sharing of network resources (even while acting as a client). If that is the case, unless you disable the firewall or configure it properly, you won't be able to do much.

One way to bypass might be to enable sharing over FTP, or NFS, or whatever other protocol you find out is not blocked.
0
