Posted by Steve Riley [MSFT] on June 23, 2008, 6:22 pm
The firewall in Windows Vista and Server 2008 applies a single policy to the
entire machine. The firewall/IPsec engine thinks at the IP layer, not at the
NIC layer.
While I haven't tried this personally, here's a thought. Configure an
inbound rule that permits all traffic from your internal subnet and another
rule that permits only HTTP from all addresses.
--
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com
> I'd already looked at that.
> In my Windows Server 2008 machine, it lists:
> * Local area network
> * Remote access
> * Wireless
> So it doesn't seem to help me when I want to apply the rules to only one
> of two NICs, because they are both considered a LAN.
>
> "Daniel Petri <MVP>" wrote:
>
>> First of all, are you sure you didn't delete any of the default FW rules?
>> I would restore to defaults by using the Windows FW with Advanced Security
>> context menu.
>>
>> As for your question - each rule has an advanced tab. In it, you can
>> click on the Interfaces Customize button, and bingo.
>>
>> --
>> Sincerely,
>>
>> Daniel Petri
>> MVP, Senior IT consultant, trainer
>> www.petri.co.il
>>
>> > I've just set up a new Windows Web Server 2008 machine.
>> > I installed the OS and joined it to my domain, set up some shared
>> > folders and copied some files on to it. I had it running really well on
>> > the LAN.
>> > Then I installed a 2nd NIC which I connected directly to our external
>> > router and assigned it a static internet IP.
>> > I could see the preliminary "under construction" website and things were
>> > looking good. I then ran a port scan on the external IP and it had lots
>> > of stuff open.
>> > I went into "Windows Firewall with Advanced Security" and found LOTS of
>> > rules to allow "Core Networking" and "File and Printer Sharing". The Core
>> > networking stuff looked fine, but the "File and Printer Sharing"
>> > definitions existed 3 times each, one for each profile "Private",
>> > "Domain", and "Public".
>> > So I removed the Public versions of each of those.
>> > Then the port scan only showed port 80 open ... again I thought all was
>> > well.
>> > But now I can no longer find that machine or access its shares from the
>> > LAN NIC!
>> > But it can get to the other machines on the LAN.
>> >
>> > Network and Sharing center shows the LAN NIC as a "Domain network" with
>> > "Local only" access and the Internet NIC as "Public network" with "Local
>> > and Internet" access. It also shows Network discovery as "Custom" and
>> > File sharing as "On".
>> >
>> > I tried turning the firewall off for the Private and Domain profiles,
>> > but it makes no difference. No matter what I try, and I've tried a lot,
>> > I get one of 3 things:
>> > 1) Nothing works
>> > 2) Everything works but leaves lots of open ports on the Internet
>> > 3) Internet access is perfect but inbound LAN access doesn't work,
>> > outbound ok.
>> >
>> > Does anybody know how to get the firewall to either guard just the
>> > Internet NIC, or how to have different rules for each NIC?
>>
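Steve's address-scoped approach, written out as an added example (not code from anyone in this thread) using the `netsh advfirewall` commands that ship with Windows Server 2008. The subnet `192.168.1.0/24` is a placeholder for the internal LAN; the rule names are made up here.

```powershell
# Added example, not from the thread. Scopes inbound access by remote address
# rather than by NIC, since both NICs are of interface type "Local area network".
# PLACEHOLDER: replace with the real internal LAN subnet.
$LanSubnet = "192.168.1.0/24"

# 1) Turn off the built-in "File and Printer Sharing" group for the Public
#    profile only. Disabling instead of deleting keeps the default rules
#    available for "Restore Defaults" later.
netsh advfirewall firewall set rule group="File and Printer Sharing" profile=public new enable=no

# 2) Allow any inbound traffic whose source is on the internal subnet.
#    profile=any matters: on Vista/2008 the most restrictive profile of any
#    connected interface (here, Public) is the one applied to the whole host,
#    so a Domain-only rule would silently stop matching.
netsh advfirewall firewall add rule name="Allow all from internal LAN" `
    dir=in action=allow protocol=any "remoteip=$LanSubnet" profile=any

# 3) Allow only HTTP (TCP/80) inbound from every address.
netsh advfirewall firewall add rule name="Allow HTTP from anywhere" `
    dir=in action=allow protocol=TCP localport=80 remoteip=any profile=any

# 4) Verify which profile is active and that the two rules exist as intended
#    before re-running the external port scan.
netsh advfirewall show currentprofile
netsh advfirewall firewall show rule name="Allow all from internal LAN" verbose
netsh advfirewall firewall show rule name="Allow HTTP from anywhere" verbose
```

Run from an elevated prompt; the default inbound action (block) still covers everything these two rules do not explicitly permit.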