Posted by David on June 13, 2007, 10:55 am
The computer name (or IP) is required (at least it is on server 2k3 R2
sp2)... it does not let me leave it blank, so I just put in the local IP
since I'm just looking to allow a port on the local machine that is not to
be forwarded to another machine; the service *is* running locally. When
looking at the existing services, however (the preconfigured ones), the
computer name (or IP) is blank. You also must specify the external port. If
you leave the internal port blank you will notice when you go back in, it
automatically filled it in as the same as the external port number.
So again, the interface looks geared for setting up port forwarding, but I
don't see another way to add an exception to an individual NIC (interface) for
host-only stuff (non-port forwarding)... so I wanted to verify what I did is how
it should be done. It does work, unless I have something set somewhere else
that is making it work that I don't realize.
> Nope, the exceptions for individual interfaces are exactly what you use to
> achieve your goal. You don't have to specify the internal computer for
> forwarding - take a look at any of the default service descriptors, for
> example.
>
> --
> Svyatoslav Pidgorny, MS MVP - Security, MCSE
> -= F1 is the key =-
>
> * http://sl.mvps.org * http://msmvps.com/blogs/sp *
>
>> windows server 2003 R2 sp2
>>
>> question about using firewall.cpl with a multihomed server. Not talking
>> about typical setup with RRAS basic firewall and an 'internal' and an
>> 'external' interface.
>>
>> easier said with scenario:
>> server with 2 (or more) NICs. Server is not a router and not providing
>> NAT of any kind. Just a server with 2 NICs. Let's say each of the NICs is
>> connected to a separate network. I need the firewall to have different
>> rules for each NIC. Using firewall.cpl the Exceptions tab has
>> preconfigured items such as Remote Desktop and File and Print Sharing.
>> Setting these affects all NICs (correct me if I'm wrong anywhere please).
>> The Advanced tab allows you to add exceptions for individual connections
>> but it seems to be set up for a port forwarding type of scenario where you
>> would be forwarding the particular exception traffic to a different
>> computer. Am I to assume that to simply create exceptions for one of the
>> particular NICs in my scenario I should use this Advanced tab and just
>> supply the local computer name and the same port number for both internal
>> and external port numbers... considering it's the local machine I'm
>> setting this for? I just want to be sure since it looks like it's
>> expecting you to be setting up port forwarding... and the common
>> preconfigured exceptions such as Remote Desktop and File and Print
>> Sharing are not there?
>>