windows tcpip filtering

H

heppy

Hi I have been trying out the filtering on 2000 server,why does it stop
browsing on the server after fitering,I allowed ports 80,25 and 110 ,I
couldnt browes or recive email on the server but the network PC can (using
NAT) on the server.Take of filtering and all works??do I need to enable 53
aswell?
Thanks Martin
 
R

Rakesh Chanana [MSFT]

TCP/IP filtering should not be used especially if you are using the server
as a workstation.
The reason you cannot browse is because your machine uses an ephemeral port
(random port # above 1024) to SEND the outbound traffic to a webserver. This
traffic is allowed by TCP/IP filtering and reaches the webserver. The
webserver simply reverses the ports and sends the reply traffic back to your
server on the port that it used to send the outbound traffic and TCP/IP
filtering is not letting the incoming traffic in.

As I said, please don't use TCP/IP filtering if you are going to use the
server as a workstation.
Options are to use RRAS Input/Output filters or use a third party firewall.

--
Thanks,

Rakesh Chanana [MSFT]

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samplesare subject to terms and conditions
http://www.microsoft.com/info/cpyright.htm
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

UDP probes. Is this normal? 4
Not reciving email 1
Can RRAS packet filtering somehow replace a local software firewall? 3
Win2K Adv Svr Preparing network connections 1
TCP/IP Filtering 2
Filter rule for web access 4
IPSec Filtering 1
TCP/IP filtering 1

Top