Member Avatar for tjfitz68

Our server has several roles at the moment.

1. Web server so offsite employees can use a Flash application.

2. A few folks remote in using RDP (admin mode, so it's not a TS server).

3. SQL server. Some offsite employees use a Windows client to connect to the database.

4. VPN Access

5. E-Mail server (moved from a different server today)

For the most part, our RRAS setup was working except that I could not access the internet (browse the web, ping, tracert, etc.)

Today I have had to setup our mail server because it's being moved to another location. I "thought" I setup all of the ports under the "INBOUND" tab. But, I must not have done it correctly because I could not get everything to work right unless I stop the RRAS server.

So, does anyone have a definitive solution for what needs to be setup in the "INBOUND" section? For "OUTBOUND" I either had nothing or I setup everything for "Any". Either way, it didn't seem to affect the things working or the things not working.

Any help would be appreciated.

Thanks,

Tim

  • 2 Contributors
  • 6 Replies
  • 137 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by tjfitz68

Recommended Answers

All 6 Replies

Member Avatar for freshfitz

IS all this running on 1 server?

Where do you see inbound and outbound in your router or in windows routing and remote access?

What do you mean rras works but no internet? no internet on the server or on the computer dialing over the rras?

Member Avatar for tjfitz68

IS all this running on 1 server?

Where do you see inbound and outbound in your router or in windows routing and remote access?

What do you mean rras works but no internet? no internet on the server or on the computer dialing over the rras?

Yes, one server.

I have setup the filters in Windows 2003 server RRAS. Under "IP Routing->General", I have setup the inbound filters for my local NIC.

With RRAS enabled, using my current filters, the server can not access the internet. However, the filters I do have setup work. Employees offsite can access the website and those accessing the SQL server using thier client application are having no problems. VPN connections to the server work fine as well.

My real problems arose once I moved the mail server over. Apparently I do not have all the filters I need setup.

If it wold help, I can provide a snapshot of my current filter setup.

Thanks,

Tim

Member Avatar for freshfitz

If you can provide a screen shot that would help run tracert on a workstation and see where the traffic is stopping. Does the server have a router firewall out to the internet or is it connected directly to the public ip?

Member Avatar for tjfitz68

If you can provide a screen shot that would help run tracert on a workstation and see where the traffic is stopping. Does the server have a router firewall out to the internet or is it connected directly to the public ip?

Yes, the server is behind a router. I'm attaching a PDF version of the filter list. Note; SQL denotes our SQL server port. I have changed all other IP's to fake ones.

Thanks,

Tim

FilterList.pdf (49.24 KB)
Member Avatar for freshfitz

did u try any any dst 80 src 80

Member Avatar for tjfitz68

did u try any any dst 80 src 80

Sorry for the late response. It's been a busy week.

For port 80, I now have two separate entries. Once for source and one for destination. This appears to have solved the problem. I have not tried to merge the entries into one yet.

I did the same for my e-mail server ports. For whatever reason, just using "Any" for my source port and just having my SQL "destination" port, seems to work for our client application. I am wondering, though, if doing the same for those might not help the performance.

I have yet to find clear documentation in regards to RRAS filtering. I really don't understand why using "Any" as a source port will not work. "80" should be included in "Any".

IPSec may be another option if I run into further problems.

Thanks,

Tim

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.