Chris Coleman

Windows Server Firewall Blocking access by Domain Clients.

Dear Experts,

I'm using Server 2012 R2.

A strange issue (at least to me it's strange) -

Some of the domain-attached clients are being blocked by the firewall; when I turn off the firewall the problem disappears.

From the firewall log -

2018-05-12 11:35:31 DROP UDP 192.168.1.3 192.168.1.111 55667 53 60 - - - - - - - RECEIVE
2018-05-12 11:35:31 DROP UDP 192.168.1.3 192.168.1.255 137 137 78 - - - - - - - RECEIVE
2018-05-12 11:35:32 DROP UDP 192.168.1.7 192.168.1.111 51933 53 62 - - - - - - - RECEIVE
2018-05-12 11:35:32 DROP UDP 192.168.1.3 192.168.1.111 55667 53 60 - - - - - - - RECEIVE
2018-05-12 11:35:32 DROP UDP 192.168.1.3 192.168.1.255 137 137 78 - - - - - - - RECEIVE

Incoming connections to 53 (DNS) and 137 (network discovery) are dropped.

Port 53 is in the server firewall to allow any; it has 'block edge traversal' set on.

Any ideas?

Thanks.
ASKER CERTIFIED SOLUTION
David Johnson, CD
This solution is only available to members.
Export your rules and post them here:
netsh advfirewall export "C:\Temp\fw-rules.wfw"


ASKER

Hi,

Unfortunately cannot upload wfw files - "The extension of the uploaded file is not in the list of accepted extensions".

Is there another way?

Maybe email?

Thanks.
rename w-rules.wfw to
w-rules.wfw.txt

Renamed rules ..

Many Thanks.
fw-rules.txt
Hi Folks,

I'm still having firewall problems. Is there a way to monitor whatever it is that's causing the firewall to block accesses? I have turned off the firewall for now, which obviously is not ideal.

Thanks, Chris.
OK, found the problem: we block invalid RDP requests using something other than the firewall.

Well, actually it works by appending rules to the firewall.

The exception list seemed to have disappeared from the software, so it was adding local clients to the blocklist on the firewall.

I don't know how the exception list disappeared, but it did.

Another possibility is that it never had an exception list; I don't recall putting one there.

Anyway, it does now.

And it works well - again.

Many thanks.
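
Added example, not part of the thread: this Python code parses the firewall log lines from the question, counts inbound drops per client and port, and checks each dropped LAN client against the remote addresses of a block rule, which is where the cause described in the last post (local clients appended to a blocklist) becomes visible. The field names, the block-rule address list and the 192.168.1.0/24 local network are assumptions made for the example.

```python
import ipaddress
from collections import Counter

# Column order of the firewall log lines shown in the question (names chosen here).
FIELDS = ("date time action protocol src_ip dst_ip src_port dst_port size "
          "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path").split()

# Log lines copied from the question.
LOG = """\
2018-05-12 11:35:31 DROP UDP 192.168.1.3 192.168.1.111 55667 53 60 - - - - - - - RECEIVE
2018-05-12 11:35:31 DROP UDP 192.168.1.3 192.168.1.255 137 137 78 - - - - - - - RECEIVE
2018-05-12 11:35:32 DROP UDP 192.168.1.7 192.168.1.111 51933 53 62 - - - - - - - RECEIVE
2018-05-12 11:35:32 DROP UDP 192.168.1.3 192.168.1.111 55667 53 60 - - - - - - - RECEIVE
2018-05-12 11:35:32 DROP UDP 192.168.1.3 192.168.1.255 137 137 78 - - - - - - - RECEIVE
"""

# Constructed sample (not from the thread): remote addresses of a block rule.
BLOCK_RULE_ADDRESSES = ["192.168.1.3", "192.168.1.6-192.168.1.7", "203.0.113.0/24"]

def parse(text):
    """Yield one dict per log entry, skipping blank and '#' header lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == len(FIELDS) and not line.startswith("#"):
            yield dict(zip(FIELDS, parts))

def covers(entry, ip):
    """True if a rule address entry (single IP, CIDR or a-b range) contains ip."""
    if "-" in entry:
        lo, hi = (ipaddress.ip_address(p) for p in entry.split("-"))
        return lo <= ip <= hi
    return ip in ipaddress.ip_network(entry, strict=False)

def dropped_inbound(text):
    """Count inbound drops per (source, protocol, destination port)."""
    return Counter((e["src_ip"], e["protocol"], int(e["dst_port"]))
                   for e in parse(text)
                   if e["action"] == "DROP" and e["path"] == "RECEIVE")

def blocked_sources(text, rule_addresses, local_net="192.168.1.0/24"):
    """Map each dropped LAN source to the block-rule entries that cover it."""
    net = ipaddress.ip_network(local_net)  # assumed local subnet
    hits = {}
    for src in sorted({key[0] for key in dropped_inbound(text)}):
        if (ip := ipaddress.ip_address(src)) in net:
            hits[src] = [a for a in rule_addresses if covers(a, ip)]
    return hits

if __name__ == "__main__":
    print(dropped_inbound(LOG), blocked_sources(LOG, BLOCK_RULE_ADDRESSES))
```

A LAN client that maps to a non-empty list is being dropped by an explicit block entry rather than by a missing allow rule.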