Tom's Hardware > Forum > Windows XP > Windows XP General Discussion > Windows Firewall with RAS (incoming connection)

Windows Firewall with RAS (incoming connection)

Forum Windows XP : Windows XP General Discussion - Windows Firewall with RAS (incoming connection)

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   12-29-2004 at 09:29:32 AM

Archived from groups: microsoft.public.windowsxp.work_remotely, microsoft.public.windowsxp.network_web (More info?)

 

(1) I have a MS Windows XP Pro. with SP2 computer in a workgroup
(computer name: SERVER). The computer is connected to a small LAN.
The LAN card has a static IP address: 169.254.1.0,
subnet mask: 255.255.0.0.
The computer also has an ISDN card with two ISDN links and an
incoming connection (not VPN) is created on the ISDN links.
On the SERVER the Windows Firewall is turned on with the following
exceptions enabled:
- File and Printer sharing
- Remote Assistance
- Remote Desktop
Also, for the ICMP the incoming echo request is allowed.

(2) From another PC in the LAN I can ping the SERVER's static IP
address on the LAN card (169.254.1.0) and the Remote Desktop
Connection to the SERVER can be established using that address.

(3) From a remote PC (MS Windows 2000 Pro. + SP4 which is not in
that LAN) I am able to connect to the SERVER's incoming connection
(by providing a username and password). The PPP connection from the
remote PC to the SERVER gets two dynamic IP addresses:
- server IP address, e.g. 169.254.183.219, subnet mask 255.255.255.255
- client IP address, e.g. 169.254.234.81, subnet mask 255.255.255.255

(4) From the remote PC I can ping the SERVER's dynamic IP address of
the PPP connection (e.g. 169.254.183.219) and the Remote Desktop
Connection to the SERVER can be established using that address,
but I cannot ping the SERVER's static IP address on the LAN card
(169.254.1.0) and the Remote Desktop Connection to the SERVER cannot
be established using that address.

(5) On the other hand, if the Windows Firewall is turned off on the
SERVER, then the problems with connecting to the SERVER's static IP
address from the remote PC disappear.

Considering (1) to (5) I'd say that the Windows Firewall doesn't
work correctly when a dial-in connection is established to a
Windows XP Pro computer. Or I should configure the Windows Firewall
another way?

-- rpr /Robert Premuž/

For more details have a look at the output of the following
commands on the SERVER:
ipconfig /all
===================================================================
Windows IP Configuration

Host Name . . . . . . . . . . . . : server
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI
Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-40-95-07-B1-A4
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 169.254.1.0
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 169.254.0.1

PPP adapter RAS Server (Dial In) Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Internal RAS Server
interface for dial in clients
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 169.254.183.219
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
== end of "ipconfig /all" =========================================

Case (3) & (4):
netsh firewall show config
===================================================================
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable

Service configuration for Domain profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Enable No Remote Desktop

Allowed programs configuration for Domain profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe

Port configuration for Domain profile:
Port Protocol Mode Name
-------------------------------------------------------------------
139 TCP Enable NetBIOS Session Service
445 TCP Enable SMB over TCP
137 UDP Enable NetBIOS Name Service
138 UDP Enable NetBIOS Datagram Service
3389 TCP Enable Remote Desktop

Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable

Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Enable No Remote Desktop

Allowed programs configuration for Standard profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe
Enable javaw / C:\Program
Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe

Port configuration for Standard profile:
Port Protocol Mode Name
-------------------------------------------------------------------
139 TCP Enable NetBIOS Session Service
445 TCP Enable SMB over TCP
137 UDP Enable NetBIOS Name Service
138 UDP Enable NetBIOS Datagram Service
3389 TCP Enable Remote Desktop

ICMP configuration for Standard profile:
Mode Type Description
-------------------------------------------------------------------
Enable 8 Allow inbound echo request

Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\pfirewall.log
Max file size = 4096 KB
Dropped packets = Enable
Connections = Enable

Local Area Connection firewall configuration:
-------------------------------------------------------------------
Operational mode = Enable
== end of "netsh firewall show config" ============================

Case (5):
netsh firewall show config
===================================================================
Domain profile configuration:
-------------------------------------------------------------------
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable

Service configuration for Domain profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Enable No Remote Desktop

Allowed programs configuration for Domain profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe

Port configuration for Domain profile:
Port Protocol Mode Name
-------------------------------------------------------------------
139 TCP Enable NetBIOS Session Service
445 TCP Enable SMB over TCP
137 UDP Enable NetBIOS Name Service
138 UDP Enable NetBIOS Datagram Service
3389 TCP Enable Remote Desktop

Standard profile configuration (current):
-------------------------------------------------------------------
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable

Service configuration for Standard profile:
Mode Customized Name
-------------------------------------------------------------------
Enable No File and Printer Sharing
Enable No Remote Desktop

Allowed programs configuration for Standard profile:
Mode Name / Program
-------------------------------------------------------------------
Enable Remote Assistance / C:\WINDOWS\system32\sessmgr.exe
Enable javaw / C:\Program
Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe

Port configuration for Standard profile:
Port Protocol Mode Name
-------------------------------------------------------------------
139 TCP Enable NetBIOS Session Service
445 TCP Enable SMB over TCP
137 UDP Enable NetBIOS Name Service
138 UDP Enable NetBIOS Datagram Service
3389 TCP Enable Remote Desktop

ICMP configuration for Standard profile:
Mode Type Description
-------------------------------------------------------------------
Enable 8 Allow inbound echo request

Log configuration:
-------------------------------------------------------------------
File location = C:\WINDOWS\pfirewall.log
Max file size = 4096 KB
Dropped packets = Enable
Connections = Enable

Local Area Connection firewall configuration:
-------------------------------------------------------------------
Operational mode = Disable
== end of "netsh firewall show config" ============================

Add a reply
Sponsored Links
Register or log in to remove.
Ask the community Add a reply
Tom's Hardware > Forum > Windows XP > Windows XP General Discussion > Windows Firewall with RAS (incoming connection)
Go to:

There are 1176 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 1.245 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
How do I win badges?