RE: frustrating network issue on two servers
Could it be possible that there are duplicate IP's on your domain? That would account for getting positive ping results back but not being able to connect to other services that should be there? Perhaps someone VPN'ed from the outside with the same ip range. I've seen it happen before and since you said you are using 192.168.x.x range it seems easily possible. From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:33 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers I'm not logging in again tonight (gotomypc and several layers of tss) (It might have been some oddball whitespace in my cmd.) I will try it again live tomorrrow. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:37 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers The exact command I used was Nmap -sS -P0 -p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can't tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 4:06 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.eduwrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008 R2 servers couldn't ping, get to anything. I went into the properties of IPv4, everthing looked good, then checked the box to verify upon exit. Then all was well. Weird. May not apply, just a
Re: frustrating network issue on two servers
I don't think so, because we can SQL and browse to R1 R2 from the R subnet, no problem. The symptom only exists crossing over from the B subnet. And other R servers can be reached from B, no problem. On Mon, Apr 25, 2011 at 7:21 AM, N Parr npar...@mortonind.com wrote: Could it be possible that there are duplicate IP's on your domain? That would account for getting positive ping results back but not being able to connect to other services that should be there? Perhaps someone VPN'ed from the outside with the same ip range. I've seen it happen before and since you said you are using 192.168.x.x range it seems easily possible. -- *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:33 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers I'm not logging in again tonight (gotomypc and several layers of tss) (It might have been some oddball whitespace in my cmd.) I will try it again live tomorrrow. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.orgwrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.eduwrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008 R2 servers couldn't ping, get to anything. I went into the properties of IPv4, everthing looked good, then checked the box to verify upon exit. Then all was well. Weird. May not apply, just a suggestion. You can always uninstall/reinstall the file server role (can't remember the exact name of the role off-hand). G.Waleed Kavalec 04/23/11 8:43 PM Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to
RE: frustrating network issue on two servers
Not knowing your exact network layout it still seems possible. If there there were duplicate ip's for the two R servers and the route B is taking to get to R is seeing the duplicate IP's first then you would have this situation. Things like this aren't suppose to happen via VPN'ed clients, etc. But after skimming through this thread and seeing all the complicated trouble shooting advice being offered it sometimes helps to step back and look at the simplest solution, which is more often than not right. What if you change the IP address of one of the problem R servers, clear your dns cache, clean up DC's etc. Do things start working? From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 7:59 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers I don't think so, because we can SQL and browse to R1 R2 from the R subnet, no problem. The symptom only exists crossing over from the B subnet. And other R servers can be reached from B, no problem. On Mon, Apr 25, 2011 at 7:21 AM, N Parr npar...@mortonind.com wrote: Could it be possible that there are duplicate IP's on your domain? That would account for getting positive ping results back but not being able to connect to other services that should be there? Perhaps someone VPN'ed from the outside with the same ip range. I've seen it happen before and since you said you are using 192.168.x.x range it seems easily possible. From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:33 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers I'm not logging in again tonight (gotomypc and several layers of tss) (It might have been some oddball whitespace in my cmd.) I will try it again live tomorrrow. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:37 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers The exact command I used was Nmap -sS -P0 -p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can't tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 4:06 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined?
Re: frustrating network issue on two servers
OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.edu wrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008 R2 servers couldn't ping, get to anything. I went into the properties of IPv4, everthing looked good, then checked the box to verify upon exit. Then all was well. Weird. May not apply, just a suggestion. You can always uninstall/reinstall the file server role (can't remember the exact name of the role off-hand). G.Waleed Kavalec 04/23/11 8:43 PM Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to connection attempts Other R servers can browse R1 and R2 no problem. Other R servers can connect to R1 and R2 sql instances just fine. B servers can can browse other R servers no problem. B servers can can connect to other R servers sql instances just fine. Firewalls OFF, route statements confirmed (see: ping) All machines 2008 R2 up-to-date on patches. I **think** I have verified all necessary services are up. Aggh ! --
Re: frustrating network issue on two servers
I could have tried that on the weekend. Today, though, I can ADD an IP. BRB On Mon, Apr 25, 2011 at 8:09 AM, N Parr npar...@mortonind.com wrote: Not knowing your exact network layout it still seems possible. If there there were duplicate ip's for the two R servers and the route B is taking to get to R is seeing the duplicate IP's first then you would have this situation. Things like this aren't suppose to happen via VPN'ed clients, etc. But after skimming through this thread and seeing all the complicated trouble shooting advice being offered it sometimes helps to step back and look at the simplest solution, which is more often than not right. What if you change the IP address of one of the problem R servers, clear your dns cache, clean up DC's etc. Do things start working? -- *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 7:59 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers I don't think so, because we can SQL and browse to R1 R2 from the R subnet, no problem. The symptom only exists crossing over from the B subnet. And other R servers can be reached from B, no problem. On Mon, Apr 25, 2011 at 7:21 AM, N Parr npar...@mortonind.com wrote: Could it be possible that there are duplicate IP's on your domain? That would account for getting positive ping results back but not being able to connect to other services that should be there? Perhaps someone VPN'ed from the outside with the same ip range. I've seen it happen before and since you said you are using 192.168.x.x range it seems easily possible. -- *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:33 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers I'm not logging in again tonight (gotomypc and several layers of tss) (It might have been some oddball whitespace in my cmd.) I will try it again live tomorrrow. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.orgwrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.eduwrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks
Re: frustrating network issue on two servers
OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.orgwrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.eduwrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008 R2 servers couldn't ping, get to anything. I went into the properties of IPv4, everthing looked good, then checked the box to verify upon exit. Then all was well. Weird. May not apply, just a suggestion. You can always uninstall/reinstall the file server role (can't remember the exact name of the role off-hand). G.Waleed Kavalec 04/23/11 8:43 PM Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to connection attempts Other R servers can browse R1 and R2 no problem. Other R servers can connect to R1 and R2 sql instances just fine. B servers can can browse other R servers no problem. B servers can can
RE: frustrating network issue on two servers
No NMAP is telling you what is wrong. (Filtered either equals, Firewall/Router ACL) Well this means there is an access list ( Filtered) from the B side to the A side. (If the ports was open then it would show open) I would check the Router Configuration on traffic going from B side to A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 9:22 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:37 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers The exact command I used was Nmap -sS -P0 -p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can't tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 4:06 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.eduwrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008 R2 servers couldn't ping, get to anything. I went into the properties of IPv4, everthing looked good, then checked the box to verify upon exit. Then all was well. Weird. May not apply, just a suggestion. You can always uninstall/reinstall the file server role (can't remember the exact name of the role off-hand). G.Waleed Kavalec 04/23/11 8:43 PM Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and
RE: frustrating network issue on two servers
Check your ACL's on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 9:31 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that 'filtered' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:37 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers The exact command I used was Nmap -sS -P0 -p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can't tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 4:06 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.eduwrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008 R2 servers couldn't ping, get to anything. I went into the properties of IPv4, everthing looked good, then checked the box to verify upon exit. Then all was well. Weird. May not apply, just a suggestion. You can always uninstall/reinstall the file server role (can't remember the exact name of the role off-hand). G.Waleed Kavalec 04/23/11 8:43 PM Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B
RE: P2V Problems
Sorry this is so late, but it might help someone else in the future. Did it get all the way to the file transfer, sit at 0% forever, and then finally spit out the error? If so, it is because there are actually three machines involved in the P2V, and there is a port that can't communicate. You have your SCVMM Server (2008 R2 for the list below), the P2V Source, and the Hyper-V host. The list I have of needed (default) ports/connections are: Source Destination Port Protocol SCVMM Server P2V source 80 TCP SCVMM Server P2V source 135 TCP SCVMM Server P2V source 1078 TCP Hyper-V Host P2V source 30443 TCP Sometimes other services running on the box you are converting will conflict with one of the necessary ports and you have to change one, but I usually see the error you are reporting when the last port on the list above has just not been configured between the Hyper-V Host and the P2V source. That last port is used for the BITS transfer of the actual data. -Bonnie From: Jay Dale [mailto:jd...@unetek.com] Sent: Friday, April 15, 2011 1:07 PM To: NT System Admin Issues Subject: RE: P2V Problems I went ahead and used vCenter Converter and it worked. Thanks again! Jay Dale Senior Systems Administrator P:281-574-2414 From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Thursday, April 14, 2011 8:14 AM To: NT System Admin Issues Subject: Re: P2V Problems This may be overkill for you, but have you looked at using another migration tool? Windows IT Pro had a decent review of the products in this category recently: http://www.windowsitpro.com/article/virtualization2/comparative-review-p2v-conversion-tools We have a large vSphere environment, and typically use VMWare converter for P2V migrations. but on occasions where that fails we use PlateSpin Migrate. The amount of logging and diagnostics this product provides is impressive. Much more overhead than other products ( you need a dedicated PlateSpin sever). Chris Bodnar, MCSE, MCITP Technical Support III Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.commailto:christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From:Jay Dale jd...@unetek.commailto:jd...@unetek.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date:04/13/2011 11:37 PM Subject:P2V Problems I have an SBS 2003 server that I am trying to P2V using SCVMM. I haven't had any issues with P2V'ing this process in the past, but this one is really causing me nightmares. The process gets to about 38% complete, then fails with Error 2940 VMM is unable to complete the requested file transfer. The connection to the HTTP server SERVERNAME.himaamericas.local could not be established. (Unknown error (0x80072ee2)) I have tried changing the WinRM ports, Windows Firewall isn't running on either machine, BITS is installed on both, I've been able to successfully create and store a temporary VM on the host, I've restarted both machines - nothing seems to get it to P2V successfully. What else can I try? Thanks, Jay ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
Re: frustrating network issue on two servers
Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but ONLY fails from subnet B. On Sun, Apr 24, 2011 at 12:50 AM, Crawford, Scott crawfo...@evangel.edu wrote: does it matter if you use the fqdn? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 23, 2011 11:16 PM, G.Waleed Kavalec kava...@gmail.com wrote: Thanks Tom, I'll give that a shot in the morning. On Sat, Apr 23, 2011 at 9:39 PM, Tom Miller tmil...@hnncsb.org wrote: Check the IP properties of the servers in question. I had an issue with week where one of my 2008
Re: frustrating network issue on two servers
And, just for the record, R2 (the other problem child) gives the same nmap results as R1 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 09:08 Central Daylight Tim Nmap scan report for 192.168.2.133 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.53 seconds On Mon, Apr 25, 2011 at 8:45 AM, G.Waleed Kavalec kava...@gmail.com wrote: Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.orgwrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08 PM, Ben N bennordlan...@gmail.com wrote: Any firewalls ? Either windwows or something else in between. Make sure ports are open. Try telnet to port 445 to be sure. On Apr 24, 2011 10:59 AM, G.Waleed Kavalec kava...@gmail.com wrote: Nope. R1 or R1.ourdomain.local same symptoms. Ping yes - from either subnet. Browse no, SQL no - but
Re: frustrating network issue on two servers
That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.org wrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All firewalls off. Once again, browse and SQL work fine from the same subnet/site. And ping from both, both directions. On Sun, Apr 24, 2011 at 1:08
Re: frustrating network issue on two servers
PS: my next step (will have to wait for Saturday) is a clean install. On Mon, Apr 25, 2011 at 9:53 AM, G.Waleed Kavalec kava...@gmail.com wrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.orgwrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint -- On Apr 24, 2011 2:02 PM, G.Waleed Kavalec kava...@gmail.com wrote: All
Window 7 printing issue -FYI
I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: frustrating network issue on two servers
Are you sure this is an OS issue and not something having to do with routers or switches or firewalls in between the devices? Have you considered running nMap against those two problem machines from another system on their own subnet (and even from the machines themselves) in order to isolate where the problem is coming from? Also, look at the routing table on the machines in question and see how it differs from the machines that work. (Even if it appears to work via PING, it could be different) I'd do all of these *before* I bothered with a reinstall... *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.comwrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.orgwrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security +
Re: frustrating network issue on two servers
Any AV running on those boxes? *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.comwrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.orgwrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote: ipsec service running? any policies defined? Sent from my Palm Pre on the Now Network from Sprint
Re: frustrating network issue on two servers
Again: All Subnet B servers can access all subnet R servers EXCEPT these two. All Subnet R servers can access all subnet B servers. Other subnet R servers can access these two, no problem. (nMap from Rx to R1 in a minute.) On Mon, Apr 25, 2011 at 10:55 AM, Andrew S. Baker asbz...@gmail.com wrote: Are you sure this is an OS issue and not something having to do with routers or switches or firewalls in between the devices? Have you considered running nMap against those two problem machines from another system on their own subnet (and even from the machines themselves) in order to isolate where the problem is coming from? Also, look at the routing table on the machines in question and see how it differs from the machines that work. (Even if it appears to work via PING, it could be different) I'd do all of these *before* I bothered with a reinstall... *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.comwrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.orgwrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011
Re: frustrating network issue on two servers
Double-checked that this morning. No. On Mon, Apr 25, 2011 at 10:55 AM, Andrew S. Baker asbz...@gmail.com wrote: Any AV running on those boxes? *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.comwrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.orgwrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 5:37 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Sunday, April 24, 2011 4:06 PM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM, Crawford, Scott crawfo...@evangel.edu wrote:
Re: frustrating network issue on two servers
Here is R1 as seen from elsewhere on the R subnet Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 11:16 Central Daylight Time Nmap scan report for rsqlsales01.bswa.local (192.168.2.132) Host is up (0.00s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s MAC Address: 00:26:B9:FD:50:FE (Dell) Nmap done: 1 IP address (1 host up) scanned in 1.54 seconds Healthy as can be, and agrees with the lack of symptoms. On Mon, Apr 25, 2011 at 11:04 AM, G.Waleed Kavalec kava...@gmail.comwrote: Again: All Subnet B servers can access all subnet R servers EXCEPT these two. All Subnet R servers can access all subnet B servers. Other subnet R servers can access these two, no problem. (nMap from Rx to R1 in a minute.) On Mon, Apr 25, 2011 at 10:55 AM, Andrew S. Baker asbz...@gmail.comwrote: Are you sure this is an OS issue and not something having to do with routers or switches or firewalls in between the devices? Have you considered running nMap against those two problem machines from another system on their own subnet (and even from the machines themselves) in order to isolate where the problem is coming from? Also, look at the routing table on the machines in question and see how it differs from the machines that work. (Even if it appears to work via PING, it could be different) I'd do all of these *before* I bothered with a reinstall... *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.comwrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.orgwrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1
RE: frustrating network issue on two servers
That is what I was getting at, an ACL on the router(s) that connect the B segment to the A segment and vice-versa. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, April 25, 2011 11:55 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Are you sure this is an OS issue and not something having to do with routers or switches or firewalls in between the devices? Have you considered running nMap against those two problem machines from another system on their own subnet (and even from the machines themselves) in order to isolate where the problem is coming from? Also, look at the routing table on the machines in question and see how it differs from the machines that work. (Even if it appears to work via PING, it could be different) I'd do all of these *before* I bothered with a reinstall... ASB (Professional Bio http://about.me/Andrew.S.Baker/bio ) Harnessing the Advantages of Technology for the SMB market... On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.com wrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.org wrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 9:46 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL's on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 9:31 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that 'filtered' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org
RE: frustrating network issue on two servers
Hi, I may have missed the question about is this a new setup, or an existing one that broke? if it was working before, when did it break, and what changed? If it is a new setup, then the ACLs and/or firewall settings others have suggested are the best candidates for the culprit. From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Saturday, April 23, 2011 7:43 PM To: NT System Admin Issues Subject: frustrating network issue on two servers Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to connection attempts Other R servers can browse R1 and R2 no problem. Other R servers can connect to R1 and R2 sql instances just fine. B servers can can browse other R servers no problem. B servers can can connect to other R servers sql instances just fine. Firewalls OFF, route statements confirmed (see: ping) All machines 2008 R2 up-to-date on patches. I **think** I have verified all necessary services are up. Aggh ! -- __ Gregory Waleed Kavalec - G.O.P. stands for George Orwell Prediction ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: frustrating network issue on two servers
Is the affected server on a managed switch, and do you have access to mirror/span the port to which it's attached? If so, a quick peek with wireshark/tcpdump will tell you if traffic from other machines are actually reaching that machine. Failing that, you could install the Windows netmon tools on the affected server and use those to see if the packets are reaching it. Kurt On Mon, Apr 25, 2011 at 07:53, G.Waleed Kavalec kava...@gmail.com wrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.org wrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 9:46 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 9:31 AM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that 'filtered' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATE SERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org (172.18.2.41) Host is up. PORT STATE SERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 9.81 seconds Did the same command against one of my systems, with Windows 7 and NMAP 5.5.1 and worked fine. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 5:37 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers The exact command I used was Nmap –sS –P0 –p 137,138,139,445,1433 192.168.2.132 This gave back the error I posted. On Sun, Apr 24, 2011 at 3:18 PM, Ziots, Edward ezi...@lifespan.org wrote: I also scanned systems with Nmap 5.51 and the commands I gave earlier worked fine. Without seeing the response from Nmap I can’t tell you if a router acl, or firewall setting, is the culprit. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Sunday, April 24, 2011 4:06 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Ipsec policy agent is running, no policies defined. On Sun, Apr 24, 2011 at 2:34 PM,
Little help with icacls.exe
Could use some help with icalcs. I have a subdirectory called HOME. Underneath that HOME directory I have several hundred folders which are user home folders. Permissions are a bit whacky on the subfolders underneath HOME. I want to force the following permissions on ALL of those subfolders. System - FULL Domain Admins - FULL The user itself - FULL Inheritable permissions should NOT be applied at the root of each users home folder. Can someone help with the format needed with ICACLS to make this happen? Thanks J mail2web.com Enhanced email for the mobile individual based on Microsoft® Exchange - http://link.mail2web.com/Personal/EnhancedEmail ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Window 7 printing issue -FYI
Nice. Thanks for this. Kurt On Mon, Apr 25, 2011 at 08:17, Jonathan Link jonathan.l...@gmail.com wrote: I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Little help with icacls.exe
o- Manually set the permissions the way you want on one folder. Consider the use of Creator/Owner and %username% in this context. o- Use icacls to export those permissions to a text file so that you can examine them. o- Build a script to apply those permissions to the rest of the folders. Kurt On Mon, Apr 25, 2011 at 09:53, jesse-r...@wi.rr.com jesse-r...@wi.rr.com wrote: Could use some help with icalcs. I have a subdirectory called HOME. Underneath that HOME directory I have several hundred folders which are user home folders. Permissions are a bit whacky on the subfolders underneath HOME. I want to force the following permissions on ALL of those subfolders. System - FULL Domain Admins - FULL The user itself - FULL Inheritable permissions should NOT be applied at the root of each users home folder. Can someone help with the format needed with ICACLS to make this happen? Thanks J mail2web.com – Enhanced email for the mobile individual based on Microsoft® Exchange - http://link.mail2web.com/Personal/EnhancedEmail ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Window 7 printing issue -FYI
Yea We have run into this several times. Thanks for the link, will roll it out to a few servers. BF From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 11:17 AM To: NT System Admin Issues Subject: Window 7 printing issue -FYI I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Window 7 printing issue -FYI
It's a client side patch. Sorry if I wasn't clear on that. On Mon, Apr 25, 2011 at 1:10 PM, Bob Fronk b...@btrfronk.com wrote: Yea…. We have run into this several times. Thanks for the link, will roll it out to a few servers. BF *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] *Sent:* Monday, April 25, 2011 11:17 AM *To:* NT System Admin Issues *Subject:* Window 7 printing issue -FYI I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Window 7 printing issue -FYI
Yeah.. I read that after I replied. BF From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 1:16 PM To: NT System Admin Issues Subject: Re: Window 7 printing issue -FYI It's a client side patch. Sorry if I wasn't clear on that. On Mon, Apr 25, 2011 at 1:10 PM, Bob Fronk b...@btrfronk.commailto:b...@btrfronk.com wrote: Yea We have run into this several times. Thanks for the link, will roll it out to a few servers. BF From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 11:17 AM To: NT System Admin Issues Subject: Window 7 printing issue -FYI I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Window 7 printing issue -FYI
I would think this is rolled into SP1? (I have not looked to see) BF From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 1:16 PM To: NT System Admin Issues Subject: Re: Window 7 printing issue -FYI It's a client side patch. Sorry if I wasn't clear on that. On Mon, Apr 25, 2011 at 1:10 PM, Bob Fronk b...@btrfronk.commailto:b...@btrfronk.com wrote: Yea We have run into this several times. Thanks for the link, will roll it out to a few servers. BF From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 11:17 AM To: NT System Admin Issues Subject: Window 7 printing issue -FYI I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Little help with icacls.exe
For /d %i in (*.*) do Icacls %i /reset icacls %i /grant administrators:f /grant %i:f /grant system:f /t /inheritance:r Depending on how badly wonked the existing permissions are, you may or may not need the reset command in there. -Original Message- From: jesse-r...@wi.rr.com [mailto:jesse-r...@wi.rr.com] Sent: Monday, April 25, 2011 11:54 AM To: NT System Admin Issues Subject: Little help with icacls.exe Could use some help with icalcs. I have a subdirectory called HOME. Underneath that HOME directory I have several hundred folders which are user home folders. Permissions are a bit whacky on the subfolders underneath HOME. I want to force the following permissions on ALL of those subfolders. System - FULL Domain Admins - FULL The user itself - FULL Inheritable permissions should NOT be applied at the root of each users home folder. Can someone help with the format needed with ICACLS to make this happen? Thanks J mail2web.com - Enhanced email for the mobile individual based on Microsoft(r) Exchange - http://link.mail2web.com/Personal/EnhancedEmail ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Window 7 printing issue -FYI
Looks like it should be. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Monday, April 25, 2011 12:29 PM To: NT System Admin Issues Subject: RE: Window 7 printing issue -FYI I would think this is rolled into SP1? (I have not looked to see) BF From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 1:16 PM To: NT System Admin Issues Subject: Re: Window 7 printing issue -FYI It's a client side patch. Sorry if I wasn't clear on that. On Mon, Apr 25, 2011 at 1:10 PM, Bob Fronk b...@btrfronk.commailto:b...@btrfronk.com wrote: Yea We have run into this several times. Thanks for the link, will roll it out to a few servers. BF From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Monday, April 25, 2011 11:17 AM To: NT System Admin Issues Subject: Window 7 printing issue -FYI I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Window 7 printing issue -FYI
I just reviewed the hotfixes for sp1, and it is included. Unfortunately, SP1 has caused an issue with one of our applications, and we are waiting on a vendor to fix it... Which should happen soon, now that tax season has passed... On Mon, Apr 25, 2011 at 1:44 PM, Brian Desmond br...@briandesmond.comwrote: *Looks like it should be. * * * *Thanks,* *Brian Desmond* *br...@briandesmond.com* br...@briandesmond.com** * * *c – 312.731.3132* * * *From:* Bob Fronk [mailto:b...@btrfronk.com] *Sent:* Monday, April 25, 2011 12:29 PM *To:* NT System Admin Issues *Subject:* RE: Window 7 printing issue -FYI I would think this is rolled into SP1? (I have not looked to see) BF *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] *Sent:* Monday, April 25, 2011 1:16 PM *To:* NT System Admin Issues *Subject:* Re: Window 7 printing issue -FYI It's a client side patch. Sorry if I wasn't clear on that. On Mon, Apr 25, 2011 at 1:10 PM, Bob Fronk b...@btrfronk.com wrote: Yea…. We have run into this several times. Thanks for the link, will roll it out to a few servers. BF *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] *Sent:* Monday, April 25, 2011 11:17 AM *To:* NT System Admin Issues *Subject:* Window 7 printing issue -FYI I have had intermittent printing problems with Windows 7 clients, on my Win2k3 (SBS) print server. They really blew up in the last few weeks, almost every person in my office running Windows 7 has had a problem at one point or another in that time. The following hotfix appears to match my symptoms, and I've deployed it to my most troublesome client computers. http://support.microsoft.com/kb/2388142/en-us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: frustrating network issue on two servers
Servers R1 and R2 have been up for months, but until recently access from subnet B was not tested. I added IP address 192.168.2.142 and it gives the same results. So I move 192.168.2.142 to (working) server R3 and nMap says. . . Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 12:53 Central Daylight Time Nmap scan report for 192.168.2.142 Host is up (0.0097s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp closed netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.53 seconds The problem occurs ONLY on R1 and R2, even with a different IP So, I am missing how this can be on the router? Thanks! On Mon, Apr 25, 2011 at 11:37 AM, Kim Longenbaugh k...@colonialsavings.comwrote: Hi, I may have missed the question about “is this a new setup, or an existing one that broke?” if it was working before, when did it break, and what changed? If it is a new setup, then the ACLs and/or firewall settings others have suggested are the best candidates for the culprit. *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Saturday, April 23, 2011 7:43 PM *To:* NT System Admin Issues *Subject:* frustrating network issue on two servers Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to connection attempts Other R servers can browse R1 and R2 no problem. Other R servers can connect to R1 and R2 sql instances just fine. B servers can can browse other R servers no problem. B servers can can connect to other R servers sql instances just fine. Firewalls OFF, route statements confirmed (see: ping) All machines 2008 R2 up-to-date on patches. I **think** I have verified all necessary services are up. Aggh ! -- __ Gregory Waleed Kavalec - G.O.P. stands for George Orwell Prediction ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- __ Gregory Waleed Kavalec - *G.O.P. stands for George Orwell Prediction * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: frustrating network issue on two servers
You might try running a network trace :) From: G.Waleed Kavalec [mailto:kava...@gmail.com] Sent: Monday, April 25, 2011 12:58 PM To: NT System Admin Issues Subject: Re: frustrating network issue on two servers Servers R1 and R2 have been up for months, but until recently access from subnet B was not tested. I added IP address 192.168.2.142 and it gives the same results. So I move 192.168.2.142 to (working) server R3 and nMap says. . . Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 12:53 Central Daylight Time Nmap scan report for 192.168.2.142 Host is up (0.0097s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp closed netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.53 seconds The problem occurs ONLY on R1 and R2, even with a different IP So, I am missing how this can be on the router? Thanks! On Mon, Apr 25, 2011 at 11:37 AM, Kim Longenbaugh k...@colonialsavings.commailto:k...@colonialsavings.com wrote: Hi, I may have missed the question about is this a new setup, or an existing one that broke? if it was working before, when did it break, and what changed? If it is a new setup, then the ACLs and/or firewall settings others have suggested are the best candidates for the culprit. From: G.Waleed Kavalec [mailto:kava...@gmail.commailto:kava...@gmail.com] Sent: Saturday, April 23, 2011 7:43 PM To: NT System Admin Issues Subject: frustrating network issue on two servers Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to connection attempts Other R servers can browse R1 and R2 no problem. Other R servers can connect to R1 and R2 sql instances just fine. B servers can can browse other R servers no problem. B servers can can connect to other R servers sql instances just fine. Firewalls OFF, route statements confirmed (see: ping) All machines 2008 R2 up-to-date on patches. I **think** I have verified all necessary services are up. Aggh ! -- __ Gregory Waleed Kavalec - G.O.P. stands for George Orwell Prediction ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- __ Gregory Waleed Kavalec - G.O.P. stands for George Orwell Prediction ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: frustrating network issue on two servers
Exactly. While it is possible for the problem to be a server-side config, it is more likely that there is a security setting tied to the switch port, or IP address or some protocol in use by the server. I had a scenario where I built a new server to replace my old monitoring server and put it into a policy group on the firewall that limited traffic to it. Took me a while to figure that one out, even though I was the only person who had managed the devices in question. *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 12:30 PM, Ziots, Edward ezi...@lifespan.org wrote: That is what I was getting at, an ACL on the router(s) that connect the B segment to the A segment and vice-versa. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* Andrew S. Baker [mailto:asbz...@gmail.com] *Sent:* Monday, April 25, 2011 11:55 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Are you sure this is an OS issue and not something having to do with routers or switches or firewalls in between the devices? Have you considered running nMap against those two problem machines from another system on their own subnet (and even from the machines themselves) in order to isolate where the problem is coming from? Also, look at the routing table on the machines in question and see how it differs from the machines that work. (Even if it appears to work via PING, it could be different) I'd do all of these *before* I bothered with a reinstall... *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market...** * * * On Mon, Apr 25, 2011 at 10:53 AM, G.Waleed Kavalec kava...@gmail.com wrote: That is exactly where I am, but I cannot find a single factor on R1 or R2 that would account for such a rule. All firewalls are off. I've compared Services on R1 and (working) R3. Especially: what kind of access control *only* affects connections from another subnet? Sincerely Bald by Nightfall On Mon, Apr 25, 2011 at 9:14 AM, Ziots, Edward ezi...@lifespan.org wrote: That looks better, But from B1 to a different R server on the A side. Shows that the ACL might just be with the first R server ( you tested) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:46 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers Here is the nmap result from B1 to a different R server Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:42 Central Daylight Time Nmap scan report for 192.168.2.134 Host is up (0.0092s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds Doesn't this mean the routers are fine? On Mon, Apr 25, 2011 at 8:34 AM, Ziots, Edward ezi...@lifespan.org wrote: Check your ACL’s on the router on the B side before it sends the traffic over to the interface on the A side. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Monday, April 25, 2011 9:31 AM *To:* NT System Admin Issues *Subject:* Re: frustrating network issue on two servers OK, I've had my cup of coffee and realized that '*filtered*' != 'open' Now I have to figure out why these ports are filtered, but only across the subnet. On Mon, Apr 25, 2011 at 8:21 AM, G.Waleed Kavalec kava...@gmail.com wrote: OK, success in nmap - still same symptoms in SQL and Browse NMAP -sS -P0 -p 137,138,139,445,1433 192.168.2.132 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 08:16 Central Daylight Time Nmap scan report for 192.168.2.132 Host is up. PORT STATESERVICE 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1433/tcp filtered ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds Wonderful! NMAP assures me that nothing is wrong. But the patient is still dead. On Sun, Apr 24, 2011 at 4:55 PM, Ziots, Edward ezi...@lifespan.org wrote: C:\windows\system32nmap -sS -P0 -p 137,138,139,445,1433 172.18.2.41 Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-24 17:54 Eastern Daylight Time Nmap scan report for riavayadsp1.lsmaster.lifespan.org
Re: frustrating network issue on two servers
It could be on the switch, based on VLAN or physical port. It could be on the firewall or router based on protocol or network port. *ASB *(Professional Bio http://about.me/Andrew.S.Baker/bio) *Harnessing the Advantages of Technology for the SMB market... * On Mon, Apr 25, 2011 at 1:57 PM, G.Waleed Kavalec kava...@gmail.com wrote: Servers R1 and R2 have been up for months, but until recently access from subnet B was not tested. I added IP address 192.168.2.142 and it gives the same results. So I move 192.168.2.142 to (working) server R3 and nMap says. . . Starting Nmap 5.51 ( http://nmap.org ) at 2011-04-25 12:53 Central Daylight Time Nmap scan report for 192.168.2.142 Host is up (0.0097s latency). PORT STATE SERVICE 137/tcp closed netbios-ns 138/tcp closed netbios-dgm 139/tcp closed netbios-ssn 445/tcp open microsoft-ds 1433/tcp open ms-sql-s Nmap done: 1 IP address (1 host up) scanned in 0.53 seconds The problem occurs ONLY on R1 and R2, even with a different IP So, I am missing how this can be on the router? Thanks! On Mon, Apr 25, 2011 at 11:37 AM, Kim Longenbaugh k...@colonialsavings.com wrote: Hi, I may have missed the question about “is this a new setup, or an existing one that broke?” if it was working before, when did it break, and what changed? If it is a new setup, then the ACLs and/or firewall settings others have suggested are the best candidates for the culprit. *From:* G.Waleed Kavalec [mailto:kava...@gmail.com] *Sent:* Saturday, April 23, 2011 7:43 PM *To:* NT System Admin Issues *Subject:* frustrating network issue on two servers Two sites, R and B. Same domain, different subnets. All R servers can see all B servers All B servers can see all R servers - EXCEPT TWO R1 and R2 see all B servers, browse folders etc. B servers can PING R1 and R2 just fine; R1 and R2 can PING B servers just fine. But B cannot browse R1 or R2 folders for nothing. Diagnose gives file and print sharing resource R1 is online but isn't responding to connection attempts Other R servers can browse R1 and R2 no problem. Other R servers can connect to R1 and R2 sql instances just fine. B servers can can browse other R servers no problem. B servers can can connect to other R servers sql instances just fine. Firewalls OFF, route statements confirmed (see: ping) All machines 2008 R2 up-to-date on patches. I **think** I have verified all necessary services are up. Aggh ! -- __ Gregory Waleed Kavalec ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with script or alternative to suppress flash update notices
Are you using server 2008 or 2008 R@? If so why not just put the file there using GPP? - Computer Config Preferences Windows Settings Files. No need for a script no problem with UAC. -Original Message- From: Shaun N Owens [mailto:snow...@ucdavis.edu] Sent: Monday, April 25, 2011 4:22 PM To: NT System Admin Issues Subject: Help with script or alternative to suppress flash update notices Hello, I was looking for a way to supress the Adobe Flash update pop ups, Accoring to the Adobe site you create a mms.cfg file and copy the file to c:\windows\syswow64 for Windows 7 machines. I wrote a VB scripts but I get an access is denied error, does anybody have any code to get around the UAC or another way of suppressing the update notifications that users get. I want to push this out via a GPO somehow set objFso=createObject(scripting.fileSystemObject ) strFileToCopy=\\ou.MVF.edu\or\GP Software\Flash\mms.cfg strFolder=C:\Windows\SysWOW64 if objFso.folderExists(strFolder) then objFso.copyFile strFileToCopy,strFolder\,true end if Best, Shaun ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt- software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: --- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with script or alternative to suppress flash update notices
Windows 7 you say? Then GPO's can copy the files for you, no need for script. They can update, create, delete and replace files. Comp ConfigPrefsWindows SettingsFiles But on another note, I have never had to do this (Remove Flash update messages...) Do you have Adobe Download Manager installed? If so, and you manage Adobe updates yourself, I'd just uninstall that. -Sam -Original Message- From: Shaun N Owens [mailto:snow...@ucdavis.edu] Sent: Monday, April 25, 2011 3:22 PM To: NT System Admin Issues Subject: Help with script or alternative to suppress flash update notices Hello, I was looking for a way to supress the Adobe Flash update pop ups, Accoring to the Adobe site you create a mms.cfg file and copy the file to c:\windows\syswow64 for Windows 7 machines. I wrote a VB scripts but I get an access is denied error, does anybody have any code to get around the UAC or another way of suppressing the update notifications that users get. I want to push this out via a GPO somehow set objFso=createObject(scripting.fileSystemObject ) strFileToCopy=\\ou.MVF.edu\or\GP Software\Flash\mms.cfg strFolder=C:\Windows\SysWOW64 if objFso.folderExists(strFolder) then objFso.copyFile strFileToCopy,strFolder\,true end if Best, Shaun ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with script or alternative to suppress flash update notices
Agreed with GPP. But, if you need to do with a script, it needs to be run as a startup script and not a logon script. -Original Message- From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Monday, April 25, 2011 3:50 PM To: NT System Admin Issues Subject: RE: Help with script or alternative to suppress flash update notices Are you using server 2008 or 2008 R@? If so why not just put the file there using GPP? - Computer Config Preferences Windows Settings Files. No need for a script no problem with UAC. -Original Message- From: Shaun N Owens [mailto:snow...@ucdavis.edu] Sent: Monday, April 25, 2011 4:22 PM To: NT System Admin Issues Subject: Help with script or alternative to suppress flash update notices Hello, I was looking for a way to supress the Adobe Flash update pop ups, Accoring to the Adobe site you create a mms.cfg file and copy the file to c:\windows\syswow64 for Windows 7 machines. I wrote a VB scripts but I get an access is denied error, does anybody have any code to get around the UAC or another way of suppressing the update notifications that users get. I want to push this out via a GPO somehow set objFso=createObject(scripting.fileSystemObject ) strFileToCopy=\\ou.MVF.edu\or\GP Software\Flash\mms.cfg strFolder=C:\Windows\SysWOW64 if objFso.folderExists(strFolder) then objFso.copyFile strFileToCopy,strFolder\,true end if Best, Shaun ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt- software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: --- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with script or alternative to suppress flash update notices
Deploy the flash msi with GPO's and use orca to make a transform that toggles the update property. -Original Message- From: Shaun N Owens [mailto:snow...@ucdavis.edu] Sent: Monday, April 25, 2011 2:22 PM To: NT System Admin Issues Subject: Help with script or alternative to suppress flash update notices Hello, I was looking for a way to supress the Adobe Flash update pop ups, Accoring to the Adobe site you create a mms.cfg file and copy the file to c:\windows\syswow64 for Windows 7 machines. I wrote a VB scripts but I get an access is denied error, does anybody have any code to get around the UAC or another way of suppressing the update notifications that users get. I want to push this out via a GPO somehow set objFso=createObject(scripting.fileSystemObject ) strFileToCopy=\\ou.MVF.edu\or\GP Software\Flash\mms.cfg strFolder=C:\Windows\SysWOW64 if objFso.folderExists(strFolder) then objFso.copyFile strFileToCopy,strFolder\,true end if Best, Shaun ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with script or alternative to suppress flash update notices
Thanks for the help, I'll give that a try, I forgot that existed. Shaun ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Help with script or alternative to suppress flash update notices
+1 on deploying with GPO, no need to mess around with copying files. And if you don't want to bother with Orca and a transform, then a user login script (must run in user context b/c value is set in HKCU) for quietly killing the auto-update pop-up is this (wrappage): on error resume next Set WshShell = WScript.CreateObject(WScript.Shell) WshShell.RegDelete HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\FlashPlayerUpdate Carl -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Monday, April 25, 2011 5:00 PM To: NT System Admin Issues Subject: RE: Help with script or alternative to suppress flash update notices Deploy the flash msi with GPO's and use orca to make a transform that toggles the update property. -Original Message- From: Shaun N Owens [mailto:snow...@ucdavis.edu] Sent: Monday, April 25, 2011 2:22 PM To: NT System Admin Issues Subject: Help with script or alternative to suppress flash update notices Hello, I was looking for a way to supress the Adobe Flash update pop ups, Accoring to the Adobe site you create a mms.cfg file and copy the file to c:\windows\syswow64 for Windows 7 machines. I wrote a VB scripts but I get an access is denied error, does anybody have any code to get around the UAC or another way of suppressing the update notifications that users get. I want to push this out via a GPO somehow set objFso=createObject(scripting.fileSystemObject ) strFileToCopy=\\ou.MVF.edu\or\GP Software\Flash\mms.cfg strFolder=C:\Windows\SysWOW64 if objFso.folderExists(strFolder) then objFso.copyFile strFileToCopy,strFolder\,true end if Best, Shaun ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin