iphonogasm

Yes the rule created was named "Test" and opened TCP port 1000 The rule is then shown as "Active" and is a Public rule I no other firewall running. I have a NAT at the router, however this does not apply now that i am using a DMZ I have 80, 1723, 25, 110, 143, 21, 3389 and a few others, which are open in the firewall. Im just not able to get 1000 open, maybe i need to go higher like 4000? Thanks for policy reply, that doesnt really matter! One more thing, how can i block port scanning requests? do i need to block by IP range, and is this possible in Windows Firewall? Thanks!

hi, my first quesion. I have a DMZ to a server running 2008 Enterprise. When i add an exception in windows firewall for the Public profile (i also add it to all profiles) but the port doesnt open when doing a portscan externally. Secondly... Any idea if there is/what is the Group Policy to disable saving ALL passwords (VPN, Network Drives, RDP etc etc) Thanks!!

im not sure. im not using any type of tunnelling. just a program that connects on port 8016 TCP

just TCP port 8016

yes but all traffic is going through the switch. Its the only switch i have. So connecting to my DVR via LAN. i come in via WAN >> then to the switch >> then to DVR why am i not receiving any trace of remote connections to the DVR? Thanks

this is a good question lol id be interested in this too? how deep can policies go??

Yes i just really need to monitor incomming traffic for security reasons. I dont think this is the ideal situation as i will have to route any traffic on protocols comming in? Also, can i have NAT at the ROUTER and then NAT again at the SERVER?? I have DES-3226S manager switch with port mirroring configured as below Current Settings Mirror Status: Enabled Target Port : 22 Mirrored Port RX: 1-21,23-24 TX: 1-21,23-24 Server plugged into port 22 But im still missing LOTS of traffic, on the local network aswell as incomming from WAN Thanks!

Hi, i want to control all inbound and outbound traffic via a server. Would this be the reccomended configuration? Your thoughts on this setup [ATTACH]184.IPB[/ATTACH] Thanks!

i think this might be a binding issue...? For testing with IIS and sites etc, i usually add a domain in the hosts file for testing. So to the site, add a binding mysite.com for example. In the hosts file for the win7 PC on the 50.1 subnet, add mysite.com to 200.100.50.1 and do the same for a client on the 0.1 subnet. This is ofcourse for testing only. Im guessing you will be running DNS at some point! This will still test your NAT routing but using a domain. Hope this helps!

also maybe you need to setup some routers/switches to relay dhcp ;)

im guessing this would be a policy. Group policy editor? gpedit.msc - Im sure someone else can back me up on this, policy to disable saving passwords to vault?

There is a dyndns.org application that runs on windows in the taskbar. You must have your PC running 24/7 for it to update the new IP to your hostname! ;) Give it a try :)

why dont you just ask your enterprise administrator to create a private exception for the port you require? If you can access it remotely via your home PC, and have an active VPN connection to your home PC from the office PC, route all traffic through the VPN and connect to it that way. This is ofcoure if the network firewall instant blocking outbound VPN tunneling again! I guess at the end of the day, if they dont want you accessing this DVR, you wont have much luck!! They have alot more control then you lol...

Its up to you really.. Having a small network running DNS really has no advantage other than a bit more security running ADDS. You can setup active directory domain services, to handle any DNS changes. So its really up to you, i have setup DNS on an extremely small network purely for training purposes. Which works well, but it would be easier to have the router resolve all DNS for you... DNS is designed more for larger networks to make it easier to remember computer names over IP addresses hope this helps!

forward it at the cable modem then. First point of entry for internet this should work fine!

Yea i would use dnydns.org. I used it when i had a dynamic IP and it works well. you will get a hostname, yourname.dyndns.org and configure your router with dyndns. Then just setup your VPN, and connect using your hostname... :)

Wherever the incoming connection is, and you may need to check the firewall on the router. When you say router, are you using a router as switch? or is it only a switch?

is is possible your firewall is blocking ICMP for IPv6?

Hi, welcome to the forums have you set up a forward at your router, is the port forwarding to the right destination? also check your firewall in server 2008, make sure there is an exception for Remote Desktop, or create one on port 3389. Enable RDP and select users! :)

Yes i have DNS forwarded at the roter. What sort of record do i create for my name server to resolve my public ip? Heres my current setup. [ATTACH=full]194[/ATTACH][ATTACH=full]195[/ATTACH][ATTACH=full]196[/ATTACH][ATTACH=full]197[/ATTACH][ATTACH=full]198[/ATTACH] I then delegated my two name server ns1.megahosting.co.nz and ns2.megahosting.co.nz Thanks

hi, check the scope options to ensure that the correct DNS servers are being assigned by DHCP, also, is the DNS server running as a cache only DNS server? or have you forward/reverse lookup zones configured? also you can use DNS forwarding, forward DNS requests to your ISP. thanks!

Hi, i beleive you need to run a script on startup, but i havnt done this myself. I have created a shortcut and put in the "startup" directory and make sure its selected in msconfig.msc >> startup. Then in the settings for the VPN, click options, under dialing options, remove all ticks. also make sure you have the credientials save. This will initiate the connection in the background. this will connect your VPN on startup, however it connects quite late, (once the required services load etc,) and also, this doesnt work if the client enters "sleep" mode then wakes. Other then this, running a custom script is the only other way i know of. Hope this helps!

also, make sure you staic ip is within an EXCLUSION range for the DHCP server ;)

try restarting the service?? guessing youve done this. I would also try removing and reinstalling the WLAN feature.

Could someone please provide more help on this issue, I have today launched my site, www.megahosting.co.nz and now need some name servers. I need ns1.megahosting.co.nz to resolve my public IP.. and ns2.megahosting.co.nz to resolve a different IP. how can i setup my name server to resolve my PUBLIC ip? step-by-step guide would be great as im quite new to DNS, but i cannot find this anywhere? is bind required for this? Thanks!