Any AV running on those boxes?
*ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec <kava...@gmail.com>wrote: > That is exactly where I am, but I cannot find a single factor on R1 or R2 > that would account for such a rule. > > All firewalls are off. > > I've compared Services on R1 and (working) R3. > > Especially: what kind of access control *only* affects connections from > another subnet? > > > Sincerely > Bald by Nightfall > > > On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward <ezi...@lifespan.org>wrote: > >> That looks better, >> >> >> >> But from B1 to a different R server on the A side. Shows that the ACL >> might just be with the first R server ( you tested) >> >> >> >> Z >> >> >> >> >> >> >> >> Edward E. Ziots >> >> CISSP, Network +, Security + >> >> Network Engineer >> >> Lifespan Organization >> >> Email:ezi...@lifespan.org >> >> Cell:401-639-3505 >> >> >> >> *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] >> *Sent:* Monday, April 25, 2011 9:46 AM >> >> *To:* NT System Admin Issues >> *Subject:* Re: frustrating network issue on two servers >> >> >> >> Here is the nmap result from B1 to a different R server >> >> >> >> Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central >> Daylight Time >> >> >> >> Nmap scan report for 192.168.2.134 >> >> Host is up (0.0092s latency). >> >> PORT STATE SERVICE >> >> 137/tcp closed netbios-ns >> >> 138/tcp closed netbios-dgm >> >> 139/tcp open netbios-ssn >> >> 445/tcp open microsoft-ds >> >> 1433/tcp open ms-sql-s >> >> >> >> Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds >> >> >> >> >> >> Doesn't this mean the routers are fine? >> >> >> >> >> >> >> >> On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward <ezi...@lifespan.org> >> wrote: >> >> Check your ACL’s on the router on the B side before it sends the traffic >> over to the interface on the A side. >> >> >> >> Z >> >> >> >> Edward E. Ziots >> >> CISSP, Network +, Security + >> >> Network Engineer >> >> Lifespan Organization >> >> Email:ezi...@lifespan.org >> >> Cell:401-639-3505 >> >> >> >> *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] >> *Sent:* Monday, April 25, 2011 9:31 AM >> >> >> *To:* NT System Admin Issues >> *Subject:* Re: frustrating network issue on two servers >> >> >> >> OK, I've had my cup of coffee and realized that '*filtered*' != 'open' >> >> >> >> Now I have to figure out why these ports are filtered, but only across the >> subnet. >> >> >> >> >> >> On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec <kava...@gmail.com> >> wrote: >> >> OK, success in nmap - still same symptoms in SQL and Browse >> >> >> >> NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 >> >> >> >> Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central >> Daylight Time >> >> >> >> Nmap scan report for 192.168.2.132 >> >> Host is up. >> >> PORT STATE SERVICE >> >> 137/tcp filtered netbios-ns >> >> 138/tcp filtered netbios-dgm >> >> 139/tcp filtered netbios-ssn >> >> 445/tcp filtered microsoft-ds >> >> 1433/tcp filtered ms-sql-s >> >> >> >> Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds >> >> >> >> >> >> Wonderful! NMAP assures me that nothing is wrong. But the patient is >> still dead. >> >> >> >> >> >> On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward <ezi...@lifespan.org> >> wrote: >> >> C:\windows\system32>nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 >> >> >> >> Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern >> Daylight Time >> >> >> >> Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) >> >> Host is up. >> >> PORT STATE SERVICE >> >> 137/tcp filtered netbios-ns >> >> 138/tcp filtered netbios-dgm >> >> 139/tcp filtered netbios-ssn >> >> 445/tcp filtered microsoft-ds >> >> 1433/tcp filtered ms-sql-s >> >> >> >> Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds >> >> >> >> Did the same command against one of my systems, with Windows 7 and NMAP >> 5.5.1 and worked fine. >> >> >> >> Z >> >> >> >> Edward E. Ziots >> >> CISSP, Network +, Security + >> >> Network Engineer >> >> Lifespan Organization >> >> Email:ezi...@lifespan.org >> >> Cell:401-639-3505 >> >> >> >> *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] >> *Sent:* Sunday, April 24, 2011 5:37 PM >> >> >> *To:* NT System Admin Issues >> *Subject:* Re: frustrating network issue on two servers >> >> >> >> The exact command I used was >> >> >> >> >> >> Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 >> >> >> >> This gave back the error I posted. >> >> >> >> >> >> On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward <ezi...@lifespan.org> >> wrote: >> >> I also scanned systems with Nmap 5.51 and the commands I gave earlier >> worked fine. >> >> >> >> Without seeing the response from Nmap I can’t tell you if a router acl, or >> firewall setting, is the culprit. >> >> >> >> Z >> >> >> >> Edward E. Ziots >> >> CISSP, Network +, Security + >> >> Network Engineer >> >> Lifespan Organization >> >> Email:ezi...@lifespan.org >> >> Cell:401-639-3505 >> >> >> >> *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] >> *Sent:* Sunday, April 24, 2011 4:06 PM >> >> >> *To:* NT System Admin Issues >> *Subject:* Re: frustrating network issue on two servers >> >> >> >> Ipsec policy agent is running, no policies defined. >> >> >> >> >> >> On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott <crawfo...@evangel.edu> >> wrote: >> >> ipsec service running? any policies defined? >> >> >> >> Sent from my Palm Pre on the Now Network from Sprint >> >> >> ------------------------------ >> >> On Apr 24, 2011 2:02 PM, G.Waleed Kavalec <kava...@gmail.com> wrote: >> >> All firewalls off. >> >> >> >> Once again, browse and SQL work fine from the same subnet/site. >> >> >> >> And ping from both, both directions. >> >> >> >> >> >> On Sun, Apr 24, 2011 at 1:08 PM, Ben N <bennordlan...@gmail.com> wrote: >> >> Any firewalls ? Either windwows or something else in between. Make sure >> ports are open. Try telnet to port 445 to be sure. >> >> On Apr 24, 2011 10:59 AM, "G.Waleed Kavalec" <kava...@gmail.com> wrote: >> > Nope. R1 or R1.ourdomain.local same symptoms. >> > >> > Ping yes - from either subnet. >> > >> > Browse no, SQL no - but ONLY fails from subnet B. >> > >> > >> > On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott < >> crawfo...@evangel.edu>wrote: >> > >> >> does it matter if you use the fqdn? >> >> >> >> >> >> >> >> Sent from my Palm Pre on the Now Network from Sprint >> >> >> >> ------------------------------ >> >> On Apr 23, 2011 11:16 PM, G.Waleed Kavalec <kava...@gmail.com> wrote: >> >> >> >> Thanks Tom, I'll give that a shot in the morning. >> >> >> >> >> >> On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller <tmil...@hnncsb.org> >> wrote: >> >> >> >>> Check the IP properties of the servers in question. I had an issue >> >>> with week where one of my 2008 R2 servers couldn't ping, get to >> anything. I >> >>> went into the properties of IPv4, everthing looked good, then checked >> the >> >>> box to "verify" upon exit. Then all was well. Weird. May not apply, >> just >> >>> a suggestion. >> >>> >> >>> You can always uninstall/reinstall the file server role (can't >> remember >> >>> the exact name of the role off-hand). >> >>> >> >>> >>> "G.Waleed Kavalec" 04/23/11 8:43 PM >>> >> >>> Two sites, R and B. Same domain, different subnets. >> >>> >> >>> All R servers can see all B servers >> >>> All B servers can see all R servers - EXCEPT TWO >> >>> >> >>> R1 and R2 see all B servers, browse folders etc. >> >>> >> >>> B servers can PING R1 and R2 just fine; R1 and R2 can PING B >> >>> servers just fine. >> >>> >> >>> But B cannot browse R1 or R2 folders for nothing. >> >>> >> >>> Diagnose gives "file and print sharing resource R1 is online but isn't >> >>> responding to connection attempts" >> >>> >> >>> >> >>> Other R servers can browse R1 and R2 no problem. >> >>> Other R servers can connect to R1 and R2 sql instances just fine. >> >>> >> >>> B servers can can browse other R servers no problem. >> >>> B servers can can connect to other R servers sql instances just fine. >> >>> >> >>> >> >>> Firewalls OFF, route statements confirmed (see: ping) >> >>> >> >>> All machines 2008 R2 up-to-date on patches. >> >>> >> >>> I **think** I have verified all necessary services are up. >> >>> >> >>> >> >>> Arrrrggh ! >> >>> >> >>> -- >> >>> >> >>> __________________ >> >>> Gregory Waleed Kavalec >> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
