|
Posted by user on March 19, 2007, 7:41 pm
Please log in for more thread options
Hello,
On my webserver I set "enable tcp ip filtering" to permit only TCP ports
21,21,25,53,80,110,443,1433,3389 and 8086
UDP ports permit only 53 and IP protocols set to permit all.
Problem now is I can access the webserver on this machine from a remote
location (as expected), however, I now cannot access the internet using
internet explorer from this machine (unexpected)
What do I need to change in order for IE to access the internet from this
server? (It has also affected the ability to download NAV updates)
|
|
Posted by Roger Abell [MVP] on March 20, 2007, 1:24 am
Please log in for more thread options
The Tcp/Ip filtering you are using is very old. It probably has
not been changed since NT 3.51.
The issue you have is due to fact that you are attempting to go
to Tcp 80 (or 443) but from a port not in your list, so the return
is to a port not allowed.
Most people today would be using the Windows firewall, or
IPsec in a purely filtering mode (and to meet your IE usage,
then define that traffic FROM tcp 80 and 443 is allowed)
Actually, as a standard practice people do not browse from
their servers, so while most people use other means they are
likely not defining such that browsing can happen.
> Hello,
> On my webserver I set "enable tcp ip filtering" to permit only TCP ports
> 21,21,25,53,80,110,443,1433,3389 and 8086
> UDP ports permit only 53 and IP protocols set to permit all.
> Problem now is I can access the webserver on this machine from a remote
> location (as expected), however, I now cannot access the internet using
> internet explorer from this machine (unexpected)
> What do I need to change in order for IE to access the internet from this
> server? (It has also affected the ability to download NAV updates)
>
|
|
Posted by Dana on March 20, 2007, 8:42 pm
Please log in for more thread options
> Hello,
> On my webserver I set "enable tcp ip filtering" to permit only TCP ports
> 21,21,25,53,80,110,443,1433,3389 and 8086
> UDP ports permit only 53 and IP protocols set to permit all.
> Problem now is I can access the webserver on this machine from a remote
> location (as expected), however, I now cannot access the internet using
> internet explorer from this machine (unexpected)
> What do I need to change in order for IE to access the internet from this
> server? (It has also affected the ability to download NAV updates)
need to allow port 80
>
>
|
|
Posted by Roger Abell [MVP] on March 20, 2007, 10:57 pm
Please log in for more thread options
>
>> Hello,
>> On my webserver I set "enable tcp ip filtering" to permit only TCP ports
>> 21,21,25,53,80,110,443,1433,3389 and 8086
>> UDP ports permit only 53 and IP protocols set to permit all.
>> Problem now is I can access the webserver on this machine from a remote
>> location (as expected), however, I now cannot access the internet using
>> internet explorer from this machine (unexpected)
>> What do I need to change in order for IE to access the internet from this
>> server? (It has also affected the ability to download NAV updates)
>
> need to allow port 80
The feature poster is using only allow defining receiving ports.
Poster lack definition to allow from tcp 80/443 to any tcp port at local IP.
So, need you mention cannot be done with feature in use.
|
|
Posted by ghaaaaaaz on March 26, 2007, 6:33 am
Please log in for more thread options >
>
>
>
> >> Hello,
> >> On my webserver I set "enable tcp ip filtering" to permit only TCP ports
> >> 21,21,25,53,80,110,443,1433,3389 and 8086
> >> UDP ports permit only 53 and IP protocols set to permit all.
> >> Problem now is I can access the webserver on this machine from a remote
> >> location (as expected), however, I now cannot access the internet using
> >> internet explorer from this machine (unexpected)
> >> What do I need to change in order for IE to access the internet from this
> >> server? (It has also affected the ability to download NAV updates)
>
> > need to allow port 80
>
> The feature poster is using only allow defining receiving ports.
> Poster lack definition to allow from tcp 80/443 to any tcp port at local IP.
> So, need you mention cannot be done with feature in use.
read the tutorial here http://d.1asphost.com/amar4
|
| Similar Threads | Posted | | Looking for a software firewall for W2K3 that does IP filtering | July 13, 2006, 8:40 am |
| TCP/IP Filtering | April 24, 2006, 2:06 pm |
| basic VPN question | March 18, 2007, 8:28 am |
| Basic IPSec question. | November 3, 2006, 3:46 pm |
| Basic Sec Template Design | November 6, 2006, 7:24 am |
| SID histroy and basic authentication | March 21, 2008, 8:04 am |
| Please recommend good basic Win Server 2003 R2 security book(s) | February 16, 2008, 12:38 pm |
| Cisco 1300 series wireless access point/bridge Vs Linksys WAP54GPE Access Point Anyone know the basic pros & cons? | November 28, 2007, 3:34 pm |
| VPN and Firewall | November 20, 2005, 1:20 am |
| RPC over a Firewall | March 7, 2006, 9:21 am |
|
XML Sitemap