If I start up a web server exactly how they do it in the BlinkyWebServer example, everything appears to work correctly while debugging (no errors), but I can't access the url on the port. I just get a timeout. I'm using the 14295 build of Windows IoT with a Raspberry Pi 3.
As of build 14295 Windows IoT added an internal firewall. To open up a port:
Connect to your device in powershell
Open up the firewall with:
netsh advfirewall firewall add rule name=[Any name to identify rule] dir=in action=allow protocol=TCP localport=[Port number]
Related
I have a remote customer machine that will not connect with either Remote Desktop or Radmin/Remote Administrator v3.5.2.1
The machine is a fresh build of Win10 Pro 20H2 on a Xeon.
It responds to PING, and DIR \\Computer\C$ and file copies to the same.
I can PSEXEC to the machine, run CMD.EXE /k without problem.
I do not yet have access to gpedit.msc but I doubt there is a GPO on a fresh standalone build.
The machine is a WORKGROUP member.
This is the logfile from a powershell script I wrote to audit the machine.
Info Windows Version 10.0.19042.0
Type Client operating system
Edition Windows 10 Pro
Product Windows(R) Operating System, OEM_DM channel
Status License Status = 1
Action Checking connected networks
Info Connected adapter ETHERNET 2
Action Checking firewall profiles
Info Domain is Disabled
Info Private is Disabled
Info Public is Disabled
Action Checking registry settings
Info fDenyTSConnections = 0 RDP is enabled
Info RDGClientTransport is not present
Info RDP Network Level Authentication is Disabled
Info SMB1 protocol is Enabled
Action Checking RDP services
Info Remote Desktop Services is Running
Info RDP UserMode Port Redirector is Running
Info DCOM Server Process Launcher is Running
Info RPC Endpoint Mapper is Running
Info Remote Procedure Call (RPC) is Running
Action Checking listening ports
Info RDP port 3389 is PID=5432 in process 'svchost'
Info RDP port 3389 state is Listening
Action Checking Trusted Hosts
Info Trusted Hosts value is '*'
There were two separate problems working here.
#1 - Win10 host does not like the Server 2003 5.x RDP client.
Version 6.0 is the last client for Server 2003, and this is acceptable to Win10.
RDP now connects to Win10 using the v6 client.
#2 - Xfinity has a security nanny operating by default.
When they determine a threat exists, they block all incoming traffic.
So far, their automated process refuses to unblock traffic, or disable the nanny.
I've created a network with the following rules:
I have two virtual machines, both running Windows Server 2012.
Computer 1 (192.168.0.2)
Computer 2 (192.168.0.3)
I can ping between the machines without any problems.
On Computer 1 I have SQL Server 2014 Express installed. These are the firewall rules added to the server:
I am unable to connect to the SQL Server instance from Computer 2. If I disable the firewall it works.
The rules added to the server work ok in Azure and on my Hyper V virtual machines. Do I need to add an other rules for it to work in Google Compute?
I only want to be able to access this SQL instance through machines on the same network.
There seems to be an issue with the way the windows firewall as been configured based on the fact that you can connect when the firewall is disabled. A couple of things to try out, to see if they resolve the issue for you.
Put 1-65535 in their allow internal firewall rule, not 0-65535
Add client internal IP to the firewall rule
For example:
netsh advfirewall firewall add rule name="SQL Access" dir=in action=allow program="%programfiles%\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe" remoteip=localsubnet,x.y.z.w
where x.y.z.w should be replaced by your client internal IP, and the program path should match your installation path to sqlservr.exe. It varies based on the version of SQL Server you have installed.
Let us know if you still face this issue and we can take another look.
I have a server\client application written in C which requires me to open some ports and add applications to windows firewall on both ends. Currently i am doing it mannually in order that my program will run.
I would like to create an installer for my program that will automatically add the ports and application to the firewall.
So my question is, is there a C library or CMD commands which i can use in order to modify the firewall on installation?
Using the command line, it is possible to use something like this to open ports:
netsh advfirewall firewall add rule name="My Custom Rule In" dir=in action=allow protocol=TCP localport=9191
netsh advfirewall firewall add rule name="My Custom Rule Out" dir=out action=allow protocol=TCP localport=9191
And to add a rule to an application
netsh advfirewall firewall add rule name="SQL Server Windows NT" dir=inaction=allow program="C:\Program Files (x86)\Microsoft SQLServer\MSSQL.1\MSSQL\Binn\sqlservr.exe " enable=yes
Example taken from here
On windows, you can use the system() command to spawn a netsh process passing the arguments needed.
I have installed windows server 2008 and on this I had added Roll "Active Directory Domain Services". Now I have added a computer (windows 7) under this domain and which have installed collabnetEdge subversion. Now I am trying to connect "LDAP authentication against an LDAP server" but it is giving error “The server could not bind to port ‘3343’. Check permission to use the port and that another process is not using the port.”
In Server Pc under the Domain I have created a OU named OrgUnit and under this OU I had created an user.
Now my setting is given below:
Server Setting :
Authentication :
Now these two setting saved successfully but when I start collabnetEdge server it gives error "The server could not bind to port ‘3343’. Check permission to use the port and that another process is not using the port". I have changed port but same error occurs. Please help me out.
Your LDAP Settings look good, but it is impossible to know for sure.
Your problem is on the first page where you specified port 3343. You cannot do that. The port number you are specifying is the one you want your Apache Subversion server to use. This has to be an unused port. Normally you want it to be port 80 or 443 depending on whether or not you are using SSL.
Since you are going to use your AD credentials, using SSL is a good idea. So I would check the box for Apache encryption and use port 443.
Port 3343 is the port that the SVN Edge console is using. So it will always be in use and could not be used.
I have multiple SQL Server 2005 instances on a box. From SSMS on my desktop I can connect to that box's named instances with no problem. After some recent network configuration changes, when I want to connect to the default instance from SSMS on my desktop, I have to specify the port number. Before the network changes, I did not have to specify the port number of the default instance.
If I remote to any other box (including the one in question), and use that box's SSMS to connect to that default instance, success. From my desktop, and only from my desktop, I have to specify the port number.
Is it a SQL Server configuration that I've missed? Is it possible something in my PC's configuration is getting in the way? Where would I look, or what could I pass on to the network folks to help them resolve this? Any help is appreciated.
Port 1434 is blocked somewhere along the line, which is used to resolve instance name to port number.
If you specifiy a port number, instance name is ignored...
SQL Server Browser service listens on port 1434
Upon startup, SQL Server Browser
starts and claims UDP port 1434. SQL
Server Browser reads the registry,
identifies all instances of SQL Server
on the computer, and notes the ports
and named pipes that they use. When a
server has two or more network cards,
SQL Server Browser returns the first
enabled port it encounters for SQL
Server. SQL Server Browser support [sic]
ipv6 and ipv4.
When SQL Server clients request SQL
Server resources, the client network
library sends a UDP message to the
server using port 1434. SQL Server
Browser responds with the TCP/IP port
or named pipe of the requested
instance. The network library on the
client application then completes the
connection by sending a request to the
server using the port or named pipe of
the desired instance.
Edit, after comment:
What is the local client setting default? It should be 1433 of course, but if not then just servername will not work.
Launch "SQL Server Configuration Manager".. "SQL native client configuration".. "client protocols".. double click tcp/ip, the default port used by your local PC is there.
I've seen this happen on Windows 2008/7/Vista boxes that have the firewall turned on. Using the named instance does not work but specifying the port does. The fix for me was to set up a firewall rules for SSMS and DTExec in order to allow for normal connections. The script to do so is below but you may have to change the patch to SSMS and DTExec.
rem SSMS
netsh advfirewall firewall add rule name=SQL-SSMS dir=in action=allow program="D:\Apps\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe" enable=yes profile=domain
netsh advfirewall firewall add rule name=SQL-SSMS dir=out action=allow program="D:\Apps\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe" enable=yes profile=domain
rem DTExec
netsh advfirewall firewall add rule name=SQL-DTExec dir=in action=allow program="D:\Apps\Program Files\Microsoft SQL Server\100\DTS\Binn\DTExec.exe" enable=yes profile=domain
netsh advfirewall firewall add rule name=SQL-DTExec dir=out action=allow program="D:\Apps\Program Files\Microsoft SQL Server\100\DTS\Binn\DTExec.exe" enable=yes profile=domain
rem DTExec32
netsh advfirewall firewall add rule name=SQL-DTExec32 dir=in action=allow program="D:\Apps\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\DTExec.exe" enable=yes profile=domain
netsh advfirewall firewall add rule name=SQL-DTExec32 dir=out action=allow program="D:\Apps\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\DTExec.exe" enable=yes profile=domain