PPTP site to site tunnel and windows firewall - nat

I have two MikroTik routers and have configured a site-to-site tunnel using PPTP.
SiteA = 192.168.88.0/24
SiteB = 192.168.33.0/24
SiteB is the PPTP server and I have configured the following secret.
0 name="vpn" service=pptp caller-id="" password="vpn123" profile=default local-address=1.1.1.1 remote-address=1.1.1.2
routes="192.168.88.0/24 1.1.1.2" limit-bytes-in=0 limit-bytes-out=0 last-logged-out=jan/01/1970 00:00:00
The tunnel is set up and working perfectly. However, when I try to ping a Windows 10 PC from siteB -> siteA, Windows blocks the ICMP request as the Windows firewall sees this as a public network. I have confirmed using Wireshark that the request is coming from 1.1.1.1
I'm fairly new to this level of networking and I would like to know if there is a solution where I don't have to configure firewall rules on Windows PCs.
Regards
Ryan

Did you try other services such as HTTP or telnet? Just to verify that communication between sites is not closed on gateways.
If the above is OK and you can access, let's say, an SMTP server (usually port 25) on the remote site, then the firewall on the client station is blocking your communication. Then for ICMP on Windows 10:
#IPv4
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol="icmpv4:8,any" dir=in action=allow

Related

Public HTTP Port Forwarding Fails on Windows 8.1 Update IIS 8.5

I have three Windows hosts on the same private LAN, each hosting an IIS default website. One host is running Windows 7 Pro, while the other two are running Windows 8.1 Update Version 6.3 (Build 9600).
Other computers on the local subnet can open the default website on each of the 3 hosts by entering each host's private IP address in a browser.
However, when I port forward port 80 on a gateway router in turn to each of the 3 hosts' private IP addresses, then enter the public IP of the gateway router into a browser on a computer outside of the private network, only the Windows 7 host displays its default website.
When Port 80 is forwarded to either of the two Windows 8.1 Update hosts, the browser reports "This webpage is not available. Details: The host took too long to respond." Additionally, no record of the request appears in "C:\inetpub\logs\LogFiles\W3SVC1\u_exYYMMDD.log" on the host.
All three hosts have their Windows Firewall Inbound Rule "World Wide Web Services (HTTP Traffic-In)" set to Profile: All, Enabled: Yes, Action: Allow, Override: No, Program: System, Local Address: Any, Remote Address: Any, Protocol: TCP, Local Port: 80, Remote Port: Any, Authorized Users: Any, Authorized Computers: Any, Authorized Local Principals: Any, Local User Owner: Any, Application Package: Any.
Furthermore, disabling both Windows Firewall and Windows Defender made no difference. I have not installed any other security or firewall systems.
It appears that something is preventing port 80 requests from public IP addresses from reaching Windows 8.1 Update IIS. Yet the success on Windows 7 demonstrates that the gateway router is properly forwarding outside traffic to the assigned IP address.
What could be blocking the public IP port 80 requests to Windows 8.1 IIS, and how can I correct it?
Problem solved. It turned out the cause was Check Point VPN v98.60.202, from Check Point Software Technologies. I had installed this software to connect to a corporate client's internal network.
I suspected this was the cause because of how VPNs work, so I had previously closed the VPN software, but that didn't solve the problem. I actually needed to completely uninstall the Check Point VPN software and reboot the computer to remove the hooks it makes into the Operating System's TCP/IP stack. That allowed IP addresses outside of the host's subnet to again be served by IIS 8.5.

Tracing the request to the Server from an external IP

I'm running a game server on my Windows Server 2008 VPS. It uses ports 443 and 444.
Recently there has been some suspicious activity from a user. I always have access to the user's IP address. How can I find out what requests are sent to these ports from that IP?
If you want to see packets that come in and go out from your server, you can install Wireshark and capture all packets or filter them by specific ports.
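As an added example (not part of the original answer), the script below filters a saved capture for TCP packets sent by one client IP to ports 443 and 444. It assumes the capture was saved from Wireshark in classic pcap format with an Ethernet link type; the function names and the sample addresses are constructed for illustration.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed capture (documentation addresses), not real traffic."""
    def frame(src, sport, dport, flags):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 8192, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton("192.0.2.10"))
        return b"\x00" * 12 + b"\x08\x00" + ip + tcp
    frames = [frame("203.0.113.7", 50001, 443, 0x02),   # SYN to a game port
              frame("203.0.113.7", 50002, 444, 0x18),   # PSH+ACK data packet
              frame("198.51.100.9", 40000, 443, 0x02),  # a different client
              frame("203.0.113.7", 50003, 80, 0x02)]    # port outside the filter
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def requests_from(pcap, suspect_ip, ports=(443, 444)):
    """Return (timestamp, src_port, dst_port, kind) for TCP packets sent by suspect_ip."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("unsupported format; save the capture as classic pcap")
    end = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        ts, _, incl, _ = struct.unpack(end + "IIII", pcap[off:off + 16])
        pkt = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue                      # not IPv4 carrying TCP
        tcp = pkt[14 + (pkt[14] & 0x0F) * 4:]
        if len(tcp) < 14:
            continue                      # truncated TCP header
        sport, dport = struct.unpack("!HH", tcp[:4])
        if socket.inet_ntoa(pkt[26:30]) == suspect_ip and dport in ports:
            kind = "SYN" if (tcp[13] & 0x12) == 0x02 else "other"
            hits.append((ts, sport, dport, kind))
    return hits

if __name__ == "__main__":
    for hit in requests_from(build_sample_pcap(), "203.0.113.7"):
        print(hit)
```

In Wireshark itself, the equivalent display filter for the constructed address is `ip.src == 203.0.113.7 && (tcp.dstport == 443 || tcp.dstport == 444)`.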

Cannot access ftp site through WAN

I was trying to establish an FTP connection on my LAN and WAN. I use Windows 8; I configured IIS, opened port 21 (actually disabled the firewall), and created a new user to access my FTP folder 'A'. It worked fine on the LAN by accessing
ftp://192.168.1.10 (my local IP) from any PC on my LAN.
The problem is that I am trying to access it through FTP, but this time from the WAN. I configured the router to port forward to my LAN (192.168.1.10) and looked up my static IP; now I have a login panel at
ftp://393.32.3.2 (random IP). When it comes to authentication, I used the user I created, but it is not working. Any ideas?
FTP uses both port 20 and 21. You have only port forwarded port 21 which is used to initiate and control connections to FTP servers.
This means you will be able to connect to your FTP server and log in, but it will not be able to transfer any files because that uses port 20.
Hope this helped!
-Kad
You must configure ports 1025-3500 in your router to forward to your server, e.g. 192.168.0.100.
You must configure port 21 (all protocols, TCP and UDP) in your router to forward to your server, e.g. 192.168.0.100.

Port forwarding

I have a simple requirement of hosting a webserver on my computer. But unfortunately, the internet connection provided by my employer has only ports 21 & 80 open. Rest of all the ports are closed. I tried port forwarding for ports 80 and 21 but they are already in use by my employer itself. So, is there any other way of hosting a webserver on my computer?
P.S.: I am on Linux with Apache.
Does the firewall run an HTTP proxy, or is it just a simple port forwarder? If it's a proxy, it may be able to forward to different internal IPs based on the Host: header, similar to the way virtual web hosts operate.
If not, you won't be able to use these ports. A NAT router can forward a port to only one IP. If hosting the webserver is a job requirement, as you say, you should be able to contact the network administrator and get another port opened for it. If they won't do it on your request, your manager should be able to confirm the requirement.

Cannot access website using host headers on local windows 7 and iis 7

I have a problem accessing my website created using Visual Studio on my local PC.
The PC is using Windows 7 and a static IP address has been configured. I have added a hostname "192.168.0.1 hosts myweb.mylocal.com" on c:\windows\system32\driver\etc.
On IIS I have configured the binding myweb.mylocal.com with impersonation enabled and Windows authentication enabled.
The user login just keeps prompting even though I have entered the correct username and password.
Yea 192...* is router reserved IP.
I had the same issues with Windows 7 and it's due to IPv6.
Try disabling the IPv6 protocol in "Control Panel\Network and Internet\Network Connections" by right-clicking your established connection to your router, unticking IPv6 and leaving IPv4 selected, to see if that will make a difference.
Your local IP is more than likely :::1 or something along those lines!
-- Update
Where you have set your IP 192.168.0.1 to route to your local domain, try setting it to 127.0.0.1 so that it loops to itself and not via the gateway, or you can leave it as it is and add the rule to your router to send traffic from the HTTP port 80 to your PC.
