windows firewall

G

Guest

I hope you guys can help. here is the scenario. I have a windows 2000
server that creates a VPN connection to a windows XP SP2 computer through a
Linksys router. the VPN establishes fine. However, the firewall seems to be
causing me some problems. With the firewall on, I can't ping the computers
internal IP address. If i uncheck the "local area connection" box from the
advanced tab, then i can ping the Windows XP computers VPN IP address. If I
turn the firwall off, i can ping either address and remote desktop or
netmeeting or anything else for that matter, works fine.
Any ideas as to what ports need to be open? I have tried selecting every
option within windows firewall, with no change. I want to leave the firewall
on, but being able to connect to it through the VPN is critical to our
network support.
 
R

Robert L [MS-MVP]

this may help. quoted from http://www.ChicagoTech.net
Can't ping other computers after installing SP2

Open Windows Firewall. Select Advanced and click Settings on ICMP. Check the
Allow incoming echo request.
--
For more and other information, go to http://www.ChicagoTech.net


Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN, Anti-Virus, Tips & Troubleshooting on
http://www.ChicagoTech.net
Networking Solutions, http://www.chicagotech.net/networksolutions.htm
VPN Solutions, http://www.chicagotech.net/vpnsolutions.htm
VPN Process and Error Analysis, http://www.chicagotech.net/VPN process.htm
VPN Troubleshooting, http://www.chicagotech.net/vpn.htm
This posting is provided "AS IS" with no warranties.
 
G

Guest

I have tried opening all ICMP settings, all services. both for the local
area connection and for the windows firewall in general. the way that i
connect to this computer is through our network. we have a server that makes
VPN connections to these computers and then we route through this server. if
the firewall is turned off, i can connect just fine. I have the specific
routes in place to ensure that i can see the computer. it is more than just
being able to ping the computer that i want to do. I plan on being able to
use remote desktop connections and netmeeting to be able to remotely
administer this computer and others like it. This seems like a problem that
has surfaced with the addition of SP2. I am not sure what program or port
needs to be opened, or what combination of ports/programs. the only thing
that i have confirmed to date is that it has to do with the windows firewall.
 
D

Dusty Harper {MS}

With the Allow Incoming ICMP ECHO Requests enabled, you still do not get an
ICMP ECHO Reply?

Remote Desktop is TCP port 3389

NetMeeting can be added by adding conf.exe to the list of allowed
applications. ( normally located in %SystemDrive%\Program Files\NetMeeting )
 
G

Guest

we have added remote desktop and netmeeting to the allowed list. we actually
added the mnmsrvc to the allowed services instead of conf.exe as we find it
works better because we use the remote destop feature of netmeeting.

Dusty Harper {MS} said:
With the Allow Incoming ICMP ECHO Requests enabled, you still do not get an
ICMP ECHO Reply?

No we still don't get an ICMP Echo reply by allowing incoming ICMP ECHO
Requests
Remote Desktop is TCP port 3389

NetMeeting can be added by adding conf.exe to the list of allowed
applications. ( normally located in %SystemDrive%\Program Files\NetMeeting )
The mnmsrvc that we use is under %systemdrive%\system32 directory
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top