Link to home
Create AccountLog in
Avatar of UtahTN
UtahTNFlag for United States of America

asked on

Adding entries into the Windows Server 2012 R2 firewall.

ATT access my lan techs want me to add IP address and URLS to my Windows 2012 R2 server.

Suggestions on the correct way to add them. I've added ports and etc but this is the first time to add URLS and IPs.

Ex. xxxxx.accessmylan.com IP 10.xxx.xxx.xxx
SOLUTION
Avatar of Rob Williams
Rob Williams
Flag of Canada image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of UtahTN

ASKER

Accessmylan Ireland tech support:

Hi Billy,

External Firewall needs to allow:
sb10f.accessmylan.com - IP: 10.201.200.52
registrar.accessmylan.com - IP: 193.240.43.80
www.accessmylan.com - IP: 193.240.43.81

Ensure that port 443 is open.

I just pinged one of the urls and you are correct it corresponds to the ip address. Therefore I'm assuming they want me to add a rule to the firewall that allows these addresses to 443. What would you suggest. Modifing a current Windows Server 2012 rule or creating a new rule.
Avatar of UtahTN

ASKER

Current on the server I have World Wide WEb Services (HTTPS Traffic.. profile=1ll Enabled=no Action=Allow Overide=No Program System Local address=Any Remote Address=Any Protocol=TCP Local Port=443 Remote Port=Any AuthUsers-Any
ASKER CERTIFIED SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Hi UtahTN,

Why are you adding Public IPs/domains to a Windows firewall. Filtering of Public IPs should occur on the Hardware firewall even if it is a web server in the DMZ.

Windows Firewall only works on IP-basis AFAIK.
Avatar of UtahTN

ASKER

I accidentally looked at the wrong line. This rule is already enabled and set for Any IP address. I think they have something setup incorrectly. The access my lan host and client software are connected and working without any error messages. I'm going to run a few test and try RDP again and see if it is talking through their APN/VPN.
Avatar of UtahTN

ASKER

I asked this question hoping someone else had experience with ATT accessmylan setup. The whole purpose of using their VPN product was so I don't have to open anything to the outside. I could have just used my Global Sonicwall VPN client. I like the idea of using a hotspot that could support several products like, iphone, ipad and notebook at the same time. I had this working last year directly to a windows 7 PC on the same network behind the same router without changing anything in the sonicwall or the windows firewall. Now I'm at a point I want to move it over to the windows 2012 server but someone different was attempt to help me on-board the service.
Normally the firewall rule is enabled and allows connecting from any IP.  By using the scope and adding the IPs it changes to only allow connections from those 3 IPs.

I tend to agree with BST, always better to control from the hardware firewall at the perimeter of the network, but not all routers allow you to do that. SonicWALL will.