Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time
Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward <ezi...@lifespan.org> wrote: > Check your ACL’s on the router on the B side before it sends the traffic > over to the interface on the A side. > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org > > Cell:401-639-3505 > > > > *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] > *Sent:* Monday, April 25, 2011 9:31 AM > > *To:* NT System Admin Issues > *Subject:* Re: frustrating network issue on two servers > > > > OK, I've had my cup of coffee and realized that '*filtered*' != 'open' > > > > Now I have to figure out why these ports are filtered, but only across the > subnet. > > > > > > On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec <kava...@gmail.com> > wrote: > > OK, success in nmap - still same symptoms in SQL and Browse > > > > NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 > > > > Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central > Daylight Time > > > > Nmap scan report for 192.168.2.132 > > Host is up. > > PORT STATE SERVICE > > 137/tcp filtered netbios-ns > > 138/tcp filtered netbios-dgm > > 139/tcp filtered netbios-ssn > > 445/tcp filtered microsoft-ds > > 1433/tcp filtered ms-sql-s > > > > Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds > > > > > > Wonderful! NMAP assures me that nothing is wrong. But the patient is > still dead. > > > > > > On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward <ezi...@lifespan.org> > wrote: > > C:\windows\system32>nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 > > > > Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern > Daylight Time > > > > Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) > > Host is up. > > PORT STATE SERVICE > > 137/tcp filtered netbios-ns > > 138/tcp filtered netbios-dgm > > 139/tcp filtered netbios-ssn > > 445/tcp filtered microsoft-ds > > 1433/tcp filtered ms-sql-s > > > > Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds > > > > Did the same command against one of my systems, with Windows 7 and NMAP > 5.5.1 and worked fine. > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org > > Cell:401-639-3505 > > > > *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] > *Sent:* Sunday, April 24, 2011 5:37 PM > > > *To:* NT System Admin Issues > *Subject:* Re: frustrating network issue on two servers > > > > The exact command I used was > > > > > > Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 > > > > This gave back the error I posted. > > > > > > On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward <ezi...@lifespan.org> > wrote: > > I also scanned systems with Nmap 5.51 and the commands I gave earlier > worked fine. > > > > Without seeing the response from Nmap I can’t tell you if a router acl, or > firewall setting, is the culprit. > > > > Z > > > > Edward E. Ziots > > CISSP, Network +, Security + > > Network Engineer > > Lifespan Organization > > Email:ezi...@lifespan.org > > Cell:401-639-3505 > > > > *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] > *Sent:* Sunday, April 24, 2011 4:06 PM > > > *To:* NT System Admin Issues > *Subject:* Re: frustrating network issue on two servers > > > > Ipsec policy agent is running, no policies defined. > > > > > > On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott <crawfo...@evangel.edu> > wrote: > > ipsec service running? any policies defined? > > > > Sent from my Palm Pre on the Now Network from Sprint > > > ------------------------------ > > On Apr 24, 2011 2:02 PM, G.Waleed Kavalec <kava...@gmail.com> wrote: > > All firewalls off. > > > > Once again, browse and SQL work fine from the same subnet/site. > > > > And ping from both, both directions. > > > > > > On Sun, Apr 24, 2011 at 1:08 PM, Ben N <bennordlan...@gmail.com> wrote: > > Any firewalls ? Either windwows or something else in between. Make sure > ports are open. Try telnet to port 445 to be sure. > > On Apr 24, 2011 10:59 AM, "G.Waleed Kavalec" <kava...@gmail.com> wrote: > > Nope. R1 or R1.ourdomain.local same symptoms. > > > > Ping yes - from either subnet. > > > > Browse no, SQL no - but ONLY fails from subnet B. > > > > > > On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott <crawfo...@evangel.edu > >wrote: > > > >> does it matter if you use the fqdn? > >> > >> > >> > >> Sent from my Palm Pre on the Now Network from Sprint > >> > >> ------------------------------ > >> On Apr 23, 2011 11:16 PM, G.Waleed Kavalec <kava...@gmail.com> wrote: > >> > >> Thanks Tom, I'll give that a shot in the morning. > >> > >> > >> On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller <tmil...@hnncsb.org> wrote: > >> > >>> Check the IP properties of the servers in question. I had an issue > >>> with week where one of my 2008 R2 servers couldn't ping, get to > anything. I > >>> went into the properties of IPv4, everthing looked good, then checked > the > >>> box to "verify" upon exit. Then all was well. Weird. May not apply, > just > >>> a suggestion. > >>> > >>> You can always uninstall/reinstall the file server role (can't remember > >>> the exact name of the role off-hand). > >>> > >>> >>> "G.Waleed Kavalec" 04/23/11 8:43 PM >>> > >>> Two sites, R and B. Same domain, different subnets. > >>> > >>> All R servers can see all B servers > >>> All B servers can see all R servers - EXCEPT TWO > >>> > >>> R1 and R2 see all B servers, browse folders etc. > >>> > >>> B servers can PING R1 and R2 just fine; R1 and R2 can PING B > >>> servers just fine. > >>> > >>> But B cannot browse R1 or R2 folders for nothing. > >>> > >>> Diagnose gives "file and print sharing resource R1 is online but isn't > >>> responding to connection attempts" > >>> > >>> > >>> Other R servers can browse R1 and R2 no problem. > >>> Other R servers can connect to R1 and R2 sql instances just fine. > >>> > >>> B servers can can browse other R servers no problem. > >>> B servers can can connect to other R servers sql instances just fine. > >>> > >>> > >>> Firewalls OFF, route statements confirmed (see: ping) > >>> > >>> All machines 2008 R2 up-to-date on patches. > >>> > >>> I **think** I have verified all necessary services are up. > >>> > >>> > >>> Arrrrggh ! > >>> > >>> -- > >>> > >>> __________________ > >>> Gregory Waleed Kavalec > >>> --------------------------------------------- > >>> *G.O.P. stands for "George Orwell Prediction" > >>> * > >>> > >>> > >>> > >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >>> > >>> --- > >>> To manage subscriptions click here: > >>> http://lyris.sunbelt-software.com/read/my_forums/ > >>> or send an email to listmana...@lyris.sunbeltsoftware.com > >>> with the body: unsubscribe ntsysadmin > >>> > >>> Confidentiality Notice: This e-mail message, including attachments, is > for > >>> the sole use of the intended recipient(s) and may contain confidential > and > >>> privileged information. Any unauthorized review, use, disclosure, or > >>> distribution is prohibited. If you are not the intended recipient, > please > >>> contact the sender by reply e-mail and destroy all copies of the > original > >>> message. > >>> > >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >>> > >>> --- > >>> To manage subscriptions click here: > >>> http://lyris.sunbelt-software.com/read/my_forums/ > >>> or send an email to listmana...@lyris.sunbeltsoftware.com > >>> with the body: unsubscribe ntsysadmin > >>> > >> > >> > >> > >> -- > >> > >> __________________ > >> Gregory Waleed Kavalec > >> --------------------------------------------- > >> *G.O.P. stands for "George Orwell Prediction" > >> * > >> > >> > >> > >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >> > >> --- > >> To manage subscriptions click here: > >> http://lyris.sunbelt-software.com/read/my_forums/ > >> or send an email to listmana...@lyris.sunbeltsoftware.com > >> with the body: unsubscribe ntsysadmin > >> > >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > >> > >> --- > >> To manage subscriptions click here: > >> http://lyris.sunbelt-software.com/read/my_forums/ > >> or send an email to listmana...@lyris.sunbeltsoftware.com > >> with the body: unsubscribe ntsysadmin > >> > > > > > > > > -- > > > > __________________ > > Gregory Waleed Kavalec > > --------------------------------------------- > > *G.O.P. stands for "George Orwell Prediction" > > * > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to listmana...@lyris.sunbeltsoftware.com > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > > > > __________________ > > Gregory Waleed Kavalec > --------------------------------------------- > G.O.P. stands for "George Orwell Prediction" > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > > > > __________________ > > Gregory Waleed Kavalec > --------------------------------------------- > G.O.P. stands for "George Orwell Prediction" > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > > > > __________________ > > Gregory Waleed Kavalec > --------------------------------------------- > G.O.P. stands for "George Orwell Prediction" > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > -- > > > > __________________ > > Gregory Waleed Kavalec > --------------------------------------------- > G.O.P. stands for "George Orwell Prediction" > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > > > > __________________ > > Gregory Waleed Kavalec > --------------------------------------------- > G.O.P. stands for "George Orwell Prediction" > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- __________________ Gregory Waleed Kavalec --------------------------------------------- *G.O.P. stands for "George Orwell Prediction" * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin