Re: TCP/IP Filtering - can't browse Internet
From: Q (Q_at_nospam.net)
Date: 01/29/03
- Next message: Kevin D. Goodknecht Sr.: "Re: TCP/IP Filtering - can't browse Internet"
- Previous message: Karl Levinson [x y] mvp: "Re: TCP/IP Filtering - can't browse Internet"
- In reply to: Sphinx: "TCP/IP Filtering - can't browse Internet"
- Next in thread: Kevin D. Goodknecht Sr.: "Re: TCP/IP Filtering - can't browse Internet"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Jan 2003 11:25:21 -0500
"Sphinx" <DIESPAMDIEsphinx@attbi.com> wrote in message
news:tJIZ9.75486$Ve4.6238@sccrnsc03...
> Hello, folks.
>
> I just enabled TCP/IP filtering on my W2k Server box. I allowed the
> following protocols on both TCP and UDP: ports 20, 21, 53, 80. I can
connect
> to the server's FTP contents, but I cannot browse the Internet from the
> server.
>
> Can anyone tell me why that is?
>
> Thanks!
>
>
Normally you will need to:
a) allow incoming TCP to ports greater than 1023
b) deny SYN packets to ports greater than 1023
In w2k filtering this is expressed as "TCP established" if I remember
correctly.
To allow DNS resolution, another rule must be used: Allow UDP incoming from
DNS IP addresses srcport 53 to ports greater than 1023.
This should allow you to browse From the w2k box.
HTH,
Q.
- Next message: Kevin D. Goodknecht Sr.: "Re: TCP/IP Filtering - can't browse Internet"
- Previous message: Karl Levinson [x y] mvp: "Re: TCP/IP Filtering - can't browse Internet"
- In reply to: Sphinx: "TCP/IP Filtering - can't browse Internet"
- Next in thread: Kevin D. Goodknecht Sr.: "Re: TCP/IP Filtering - can't browse Internet"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
